IG says Interior lacks control of its Web sites

The Interior Department inspector general is recommending that the department overhaul its Web operations.

Interior needs to 'control the current unmanaged growth of Web sites, reduce security risks, comply with federal guidelines such as those governing privacy and focus on its customers,' according to an IG report (PDF).

The IG recommended that the department redesign its Web sites to focus on customers, enhance security, maintain privacy, reduce duplication and control costs.

The IG report, issued last month, faulted Interior because it lacks a comprehensive inventory of Web sites and other components supporting Interior sites, such as files, subdirectories, operating systems, routers, switches, firewalls and servers.

The audit investigators used a Web crawler to estimate that Interior has about 31,000 sites that account for between 3 million and 5 million pages of information. The report said Interior spends upwards of $220 million annually to maintain its Web presence on about 1,100 domains.

Interior 'has an excessive amount of duplicated, inconsistent, outdated and redundant information on its Web sites,' the report noted. Thousands of sites run by Interior's seven largest bureaus present duplicate information, the IG said.

Interior's Web security problems flow from 'the lack of uniform Web security policies, procedures and controls and the lack of standard configuration management,' the investigators found.

External users easily can identify network devices using network surveying tools, the report said and detailed how the audit team had identified two servers, two e-mail servers, six firewalls and 12 File Transport Protocol servers on three Bureau of Land Management networks.

Despite the criticisms, the report noted some improvements in the department's Web programs, namely, that Interior created an e-government strategy team, built an enterprise architecture and issued Web security policies.

Department officials have not responded to a request for a comment on the IG's findings.


  • business meeting (Monkey Business Images/Shutterstock.com)

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (Shutterstock.com)

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected