State needs to shore up security

In 1999 it was possible to enter the State Department's computer systems and browse through "sensitive" documents virtually undetected, congressional investigators report.

Security is better now, but still far from infallible, the General Accounting Office found in its Performance and Accountability Series report Jan. 17.

The State Department needs to keep working to improve security, from installing automated intrusion-detection programs to clarifying agencywide security management responsibilities, according to the GAO report. Unless such improvements are made "State's computer networks will remain vulnerable to exploitation and unauthorized access."

Computer security is a vexing problem for State because of the size and complexity of the department worldwide, GAO reported.

Security isn't the only problem. Computer system incompatibilities hamper State's ability to collaborate with other foreign affairs agencies, according to the report. The department and other U.S. agencies with overseas installations are in the early stages of planning to adopt common technology platforms to overcome the problem.

But, "if a common platform is to become a reality, State will have to overcome cultural obstacles" to coordinate well with other agencies, the GAO report stated.

According to the report, the State Department should make developing an information technology planning and investment process a top priority. In the past, the department has lacked disciplined IT project management, investment controls and an enterprise architecture. That has led to poor system cost estimating, an inability to make cost-effective system investment decisions and acquisition of computer systems that do not perform as expected, GAO found.

Featured

  • Cybersecurity
    Boy looks under voting booth at Ventura Polling Station for California primary Ventura County, California. Joseph Sohm / Shutterstock.com

    FBI breach notice rules lauded by states, but some want more

    A recent policy change by the FBI would notify states when their local election systems are hacked, but some state officials and lawmakers want the feds to inform a broader range of stakeholders in the election ecosystem.

  • paths (cybrain/Shutterstock.com)

    Does strategic planning help organizations?

    Steve Kelman notes growing support for strategic planning efforts -- and the steps agencies take to keep those plans relevant.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.