TechTarget

US government warned of security risks

The US government’s Department of Health and Human Services (DHHS) has been warned of “significant” weaknesses in its information security, leaving it vulnerable to hackers, according to a report by the US Government Accountability Office (GAO).

The US government’s Department of Health and Human Services (DHHS) has been warned of “significant” weaknesses...

in its information security, leaving it vulnerable to hackers, according to a report by the US Government Accountability Office (GAO).   The report accused the DHHS and Centres for Medicare and Medicaid Services of having  “significant weaknesses” in their electronic access controls and other information system controls designed to protect the confidentiality, integrity and availability of information and information systems.

It added that a key reason for the weaknesses was that the DHHS had not yet fully implemented a department-wide information security program, leaving medical and financial information systems vulnerable to unauthorised access, use, modification and destruction.

In particular, the GAO identified weaknesses in the way DHHS divisions and contractors restricted network access, managed anti-virus software, configured network devices and protected information crossing department networks.

The report caused a row with officials, who said the GAO had not taken into consideration an additional seven months’ work the DHHS had done to improve its information security.

The DHHS is probably not the first government department to be criticised for its information security, nor the last. In many cases, just knowing what devices are located on the network is a challenge, both in the public and private sectors. If nothing else, the GAO report will be a wake-up call to all government departments, on both sides of the pond.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close