GAO slams SEC protection of sensitive data -- GCN

Cybersecurity

GAO slams SEC protection of sensitive data

By Mary Mosquera
Apr 01, 2005

Gregory Wilshusen

Rachel Gordon

The Securities and Exchange Commission needs to strengthen its controls over financial and other sensitive data, the Government Accountability Office says in a new report.

Specifically, SEC should improve its controls over user accounts and passwords, access rights and permissions, network security and monitoring of security events to prevent or detect unauthorized access to its systems, according to the report.

A major reason for the weaknesses is that the agency has not fully established a comprehensive security program, GAO said.

'Sensitive data'including payroll and financial transactions, personnel data, regulatory, and other mission critical information'are at increased risk of unauthorized disclosure, modification or loss, possibly without being detected,' said Gregory Wilshusen, GAO's director for information security issues.

SEC said it would implement the GAO recommendations by June 2006 and indicated that some had already been implemented.

To see the GAO report, go to www.gcn.com and enter 397 in the GCN.com/box.

About the Author

Mary Mosquera is a reporter for Federal Computer Week.

E-Mail this page

Printable Format

Phone-DOS attacks in extortion scam target gov offices04/03/2013
The stuff of world's largest fiber optic LAN: Sandia's network by the numbers03/05/2013
Why LTE is the next generation in wireless04/08/2013
Can you trust your data recovery vendor?09/03/2010
Strong passwords: You DO have better ideas!05/17/2010

inside gcn

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Name: (Optional) Email: (Optional) Location: (Optional)

Your Comment:

Please type the letters/numbers you see above

resources

HTML - No Current Item Deck

TRENDING