[ISN] AUDIT: Small Minn. agencies need better computer security

From: InfoSec News <alerts_at_private>
Date: Tue, 14 Apr 2009 02:15:24 -0500 (CDT)
http://kstp.com/news/stories/S873629.shtml?cat=206

By Becky Nahm
KSTP.com 
04/09/2009 

Small Minnesota government agencies do not have adequate security 
controls over their computer systems according to a report [1] from the 
state auditor.

The report, released Thursday, identifies a small agency as any state 
office, bureau, board, commission, or agency with 50 or fewer employees. 
The report focused on 12 such entities.

The report showed most small agencies tested did not have the financial 
resources to dedicate staff to manage and secure their computer 
networks. It also found that many did not have written security 
policies, strong firewall controls or strong password controls. The 
report indicated most small agencies did not promptly install software 
updates nor did they routinely monitor or scan their systems for 
vulnerabilities.

The report called the risks unacceptable. It says the agencies need to 
have secure computer systems to protect the state from financial losses 
and unauthorized disclosures of data.

[1] http://www.auditor.leg.state.mn.us/

[...]


_______________________________________________      
Best Selling Security Books and More!
http://www.shopinfosecnews.org/
Received on Tue Apr 14 2009 - 00:15:24 PDT

This archive was generated by hypermail 2.2.0 : Tue Apr 14 2009 - 00:29:24 PDT