[ISN] Auditors: IRS should scan servers weekly

From: InfoSec News <alerts_at_private>
Date: Tue, 17 Mar 2009 02:30:16 -0600 (CST)
http://fcw.com/articles/2009/03/16/irs-servers.aspx

By Mary Mosquera
FCW.com
March 16, 2009

The Internal Revenue Service should scan all its computer servers each 
week to protect against malicious code and software attacks, the 
Treasury Inspector General for Tax Administration (TIGTA) said in a 
report released today.

The IRS generally has adequate security controls to prevent and respond 
to malware attacks and has taken steps to protect its computer systems 
and taxpayer data from the increasing threat of hackers, TIGTA also 
said.

The IRS uses automated antivirus software to scan its employee 
workstations on a weekly basis, but the service did not consistently 
schedule antivirus scans for servers, the report said. About 89 percent 
of servers were scanned weekly, with the remaining servers scanned less 
frequently or not at all, according to the report.

The IRS’ Cybersecurity Computer Security Incident Response Center 
responded to 961 malware incidents in calendar year 2008, an increase of 
45 percent over the prior year, Michael Phillips, the deputy inspector 
general for audit, said in the report.

[...]


_______________________________________________      
Best Selling Security Books and More!
http://www.shopinfosecnews.org/
Received on Tue Mar 17 2009 - 01:30:16 PDT

This archive was generated by hypermail 2.2.0 : Tue Mar 17 2009 - 01:35:57 PDT