GAO blasts Agriculture security

January 2004 GAO report on Agriculture

Related Links

The Agriculture Department received a stinging reprimand from the General Accounting Office in January for what Congressional auditors said was a poor record of protecting electronic information.

USDA officials did not dispute GAO's assessment of the department's security weaknesses, which a report characterized as "significant, pervasive information security control weaknesses."

The USDA was one of seven federal agencies that received an F last year when Rep. Adam Putnam (R-Fla.) passed out grades on information security.

Citing USDA managers' failure to protect the perimeter of the department's network and set appropriate controls on mainframe access, GAO officials said that information about payroll and financial transactions, agricultural production and marketing estimates, and other sensitive information "are at increased risk of unauthorized disclosure, modification or loss, possibly without being detected."

In the report, which was completed Jan. 30 and publicly released today, GAO faulted the department for lacking a comprehensive program for dealing with electronic and physical security matters. Citing specific areas where the department has fallen behind, the report states that three USDA agencies had still not conducted risk assessments of their information systems. Furthermore, the department had tested the security controls on only half of its information systems in the past year, auditors found.

GAO found instances where servers were configured to allow unauthorized users to connect to the network without entering a valid user ID and password. Once connected, unauthorized users could gain access to system information, including user ID and password information.

The report also cited a USDA inspector general's report last year, which concluded that "lack of management involvement has been a key factor in agencies' poor security performance." GAO officials, in their more recent report, concurred.

Featured

  • Management
    people standing on keyboard (Who is Danny/Shutterstock.com)

    OPM-GSA merger plan detailed in legislative proposal

    The White House is proposing legislation for a dramatic overhaul of human resources inside government and wants $50 million to execute the plan.

  • Cloud
    cloud applications (chanpipat/Shutterstock.com)

    GSA plans civilian DEOS counterpart

    GSA is developing a cloud email and enterprise services contract inspired by the single-source vehicle the Department of Defense devised for back-office software.

  • Defense
    software (whiteMocca/Shutterstock.com)

    DOD looks to unify software spending for 2020

    Defense Department acquisition head, Ellen Lord, hopes to simplify software buying and improve business systems following the release of the Defense Innovation Board's final software acquisition study.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.