[ISN] GAO Says IRS Data Security Problems Persist

From: InfoSec News <alerts_at_private>
Date: Fri, 18 Mar 2011 01:43:19 -0600 (CST)
http://www.informationweek.com/news/government/security/showArticle.jhtml?articleID=229301206

By Elizabeth Montalbano 
InformationWeek
March 17, 2011 

The IRS still isn't doing enough security-wise to protect the 
confidentially of financial and taxpayer information -- particularly 
from insider threats – despite repeated tries at fixing previously 
identified security problems, a federal watchdog agency has found.

Weaknesses continue to plague a number of Internal Revenue Service IT 
access-control systems that leave sensitive data vulnerable, according 
to a report (PDF) released this week by the Government Accountability 
Office (GAO), which performed a fiscal-year 2010 audit on the agency.

Though the agency noted some security improvements, it still found that 
65 of 88 weaknesses previously found in IRS access-control systems -- or 
74% -- remain "unresolved or unmitigated." Moreover, the GAO identified 
37 new weaknesses that leave data open to a number of insider threats.

"An underlying reason for these weaknesses is that IRS has not yet fully 
implemented key components of its comprehensive information security 
program," according to the GAO. "Although IRS has processes in place 
intended to monitor and assess its internal controls, these processes 
were not always effective."

[...]


___________________________________________________________      
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/
Received on Fri Mar 18 2011 - 00:43:19 PDT

This archive was generated by hypermail 2.2.0 : Fri Mar 18 2011 - 00:53:15 PDT