http://fcw.com/articles/2009/09/23/inspector-general-audit.aspx By Amber Corrin FCW.com Sept 23, 2009 Some Defense Department organizations haven't scrubbed data from information technology equipment before disposing of the hardware, resulting in the possible release of information that could be used for identity theft, or releasing other sensitive DOD information, according to an Inspector General audit. An investigation by DOD's IG also found that one organization had lost track of one unclassified computer entirely, the report said. The IG released the report Sept. 21. Also failing to meet guidelines was the Defense Reutilization and Marking Service, the destination for much of the excess IT equipment in question. DRMS processing centers are charged with ensuring proper sanitization before the equipment is released for reuse by other government agencies and non-governmental organizations. The audit showed that several DOD organizations did not follow disposal policies, did not properly train personnel or did not develop and implement on-site procedures for the authorized release of IT equipment. Unaccounted-for equipment and hard drives with leftover readable information, including data such as Social Security numbers and e-mail folders, comprised most of the instances of noncompliance. [...] ________________________________________ Did a friend send you this? From now on, be the first to find out! Subscribe to InfoSec News http://www.infosecnews.orgReceived on Wed Sep 23 2009 - 22:18:56 PDT
This archive was generated by hypermail 2.2.0 : Wed Sep 23 2009 - 22:29:36 PDT