http://cjonline.com/stories/061908/sta_292615657.shtml By James Carlson The Capital-Journal June 19, 2008 The Kansas Department of Administration is tightening its computer security standards after an audit revealed Wednesday that state equipment slated for sale to the public contained confidential information. A review of the state surplus property program, which sells outdated equipment to the public, found seven of the 15 machines inspected contained information considered confidential under state and federal law, including one computer that still had 2,856 Social Security numbers in a file. "After reading through this report, I had to take a couple nitroglycerin tablets and go lay down," said Rep. Virgil Peck, R-Tyro, a member of the Legislative Post Audit Committee that received the results. Some of the computers were reformatted, but that doesn't permanently delete all files. Auditor Allan Foster demonstrated an off-the-shelf program that can retrieve such data off a hard drive. He said some state agencies had policies for properly removing information but thought the surplus program would wipe the hard drives clean. Other agencies had no policy at all. [...] _______________________________________________ Attend Black Hat USA, August 2-7 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 40 hands-on training courses and 80 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 50 nations. Visit product displays by 30 top sponsors in a relaxed setting. http://www.blackhat.com
This archive was generated by hypermail 2.1.3 : Fri Jun 20 2008 - 01:27:36 PDT