Bureau told to plug security gaps

GAO letter to Bureau of Public Debt

Related Links

The Bureau of the Public Debt, which manages more than $5 billion a year, must overhaul its computer security to protect against unauthorized disclosure of financial information and other data, according to the General Accounting Office.

If left uncorrected, holes in the computer system could "increase the risk of inappropriate disclosure or modification of sensitive information or disruption of critical operations," the watchdog agency said.

Although the bureau has some computer controls that detect potential "irregularities or improprieties in its financial data or transactions," they are not preventive controls, GAO officials said in a letter to the bureau dated Sept. 13.

"Thus, BPD's computer resources or operating environment are exposed to threats such as unintentional errors or omissions or intentional modification...or destruction of data and programs by disgruntled employees or intruders," according to GAO.

Bureau officials had no immediate comment on the problem, but GAO analysts said they are fixing some of the vulnerability problems pointed out in earlier GAO reports.

Among the security gaps GAO cited:

* The bureau's password requirements for access control did not comply with industry standards.

* Although metal detectors operated properly, improvements could be made to other physical safeguards, such as locks, guards and alarms.

* During a power outage, the backup power system did not operate properly, which could increase the risk of individuals gaining unauthorized access to data.

Featured

  • Federal 100 Awards
    Federal 100 logo

    Nominations for the 2021 Fed 100 are now being accepted

    The deadline for submissions is Dec. 31.

  • Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    Congratulations to the 2020 Rising Stars

    These early-career leaders already are having an outsized impact on government IT.

Stay Connected