GAO blasts Agriculture security

January 2004 GAO report on Agriculture

Related Links

The Agriculture Department received a stinging reprimand from the General Accounting Office in January for what Congressional auditors said was a poor record of protecting electronic information.

USDA officials did not dispute GAO's assessment of the department's security weaknesses, which a report characterized as "significant, pervasive information security control weaknesses."

The USDA was one of seven federal agencies that received an F last year when Rep. Adam Putnam (R-Fla.) passed out grades on information security.

Citing USDA managers' failure to protect the perimeter of the department's network and set appropriate controls on mainframe access, GAO officials said that information about payroll and financial transactions, agricultural production and marketing estimates, and other sensitive information "are at increased risk of unauthorized disclosure, modification or loss, possibly without being detected."

In the report, which was completed Jan. 30 and publicly released today, GAO faulted the department for lacking a comprehensive program for dealing with electronic and physical security matters. Citing specific areas where the department has fallen behind, the report states that three USDA agencies had still not conducted risk assessments of their information systems. Furthermore, the department had tested the security controls on only half of its information systems in the past year, auditors found.

GAO found instances where servers were configured to allow unauthorized users to connect to the network without entering a valid user ID and password. Once connected, unauthorized users could gain access to system information, including user ID and password information.

The report also cited a USDA inspector general's report last year, which concluded that "lack of management involvement has been a key factor in agencies' poor security performance." GAO officials, in their more recent report, concurred.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.