Bureau told to plug security gaps

GAO letter to Bureau of Public Debt

Related Links

The Bureau of the Public Debt, which manages more than $5 billion a year, must overhaul its computer security to protect against unauthorized disclosure of financial information and other data, according to the General Accounting Office.

If left uncorrected, holes in the computer system could "increase the risk of inappropriate disclosure or modification of sensitive information or disruption of critical operations," the watchdog agency said.

Although the bureau has some computer controls that detect potential "irregularities or improprieties in its financial data or transactions," they are not preventive controls, GAO officials said in a letter to the bureau dated Sept. 13.

"Thus, BPD's computer resources or operating environment are exposed to threats such as unintentional errors or omissions or intentional modification...or destruction of data and programs by disgruntled employees or intruders," according to GAO.

Bureau officials had no immediate comment on the problem, but GAO analysts said they are fixing some of the vulnerability problems pointed out in earlier GAO reports.

Among the security gaps GAO cited:

* The bureau's password requirements for access control did not comply with industry standards.

* Although metal detectors operated properly, improvements could be made to other physical safeguards, such as locks, guards and alarms.

* During a power outage, the backup power system did not operate properly, which could increase the risk of individuals gaining unauthorized access to data.


  • 2018 Fed 100

    The 2018 Federal 100

    This year's Fed 100 winners show just how much committed and talented individuals can accomplish in federal IT. Read their profiles to learn more!

  • Census
    How tech can save money for 2020 census

    Trump campaign taps census question as a fund-raising tool

    A fundraising email for the Trump-Pence reelection campaign is trying to get supporters behind a controversial change to the census -- asking respondents whether or not they are U.S. citizens.

  • Cloud
    DOD cloud

    DOD's latest cloud moves leave plenty of questions

    Speculation is still swirling about the implications of the draft solicitation for JEDI -- and about why a separate agreement for cloud-migration services was scaled back so dramatically.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.