Data protection weak in some US federal agencies, GAO finds


Data protection weak in some US federal agencies, GAO finds

Warwick Ashford

Some US federal agencies need better safeguards to protect highly sensitive data from contract workers, says the Government Accountability Office (GAO).

The Departments of Defense, Homeland Security and Health and Human Services lack safeguards to keep contract workers away from sensitive information, according to the GAO's latest report.

The departments also do not specify contractor responsibilities for prompt notification if unauthorised disclosure of information or misuse occurs, the report said.

This is despite the fact that insider access to sensitive data on federal computer networks is a chief security concern of federal agencies, according to US reports.

The GAO report recommends that the US Office of Federal Procurement Policy administrator work with the Federal Acquisition Regulation Council to oversee changes in the guidelines on acquiring goods and services to address the lack of data protection safeguards.

In March, the GAO found that the IT at the US Inland Revenue Service (IRS) had multiple security weaknesses that put taxpayer information at risk, particularly to insider threats.

The GAO recommended that the IRS develop policies and procedures for network security, train contract workers on security awareness, and implement a disaster recovery plan.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy