Bureau told to plug security gaps

GAO letter to Bureau of Public Debt

Related Links

The Bureau of the Public Debt, which manages more than $5 billion a year, must overhaul its computer security to protect against unauthorized disclosure of financial information and other data, according to the General Accounting Office.

If left uncorrected, holes in the computer system could "increase the risk of inappropriate disclosure or modification of sensitive information or disruption of critical operations," the watchdog agency said.

Although the bureau has some computer controls that detect potential "irregularities or improprieties in its financial data or transactions," they are not preventive controls, GAO officials said in a letter to the bureau dated Sept. 13.

"Thus, BPD's computer resources or operating environment are exposed to threats such as unintentional errors or omissions or intentional modification...or destruction of data and programs by disgruntled employees or intruders," according to GAO.

Bureau officials had no immediate comment on the problem, but GAO analysts said they are fixing some of the vulnerability problems pointed out in earlier GAO reports.

Among the security gaps GAO cited:

* The bureau's password requirements for access control did not comply with industry standards.

* Although metal detectors operated properly, improvements could be made to other physical safeguards, such as locks, guards and alarms.

* During a power outage, the backup power system did not operate properly, which could increase the risk of individuals gaining unauthorized access to data.

Featured

  • Workforce
    White House rainbow light shutterstock ID : 1130423963 By zhephotography

    White House rolls out DEIA strategy

    On Tuesday, the Biden administration issued agencies a roadmap to guide their efforts to develop strategic plans for diversity, equity, inclusion and accessibility (DEIA), as required under a as required under a June executive order.

  • Defense
    software (whiteMocca/Shutterstock.com)

    Why DOD is so bad at buying software

    The Defense Department wants to acquire emerging technology faster and more efficiently. But will its latest attempts to streamline its processes be enough?

Stay Connected