GAO blasts Agriculture security

January 2004 GAO report on Agriculture

Related Links

The Agriculture Department received a stinging reprimand from the General Accounting Office in January for what Congressional auditors said was a poor record of protecting electronic information.

USDA officials did not dispute GAO's assessment of the department's security weaknesses, which a report characterized as "significant, pervasive information security control weaknesses."

The USDA was one of seven federal agencies that received an F last year when Rep. Adam Putnam (R-Fla.) passed out grades on information security.

Citing USDA managers' failure to protect the perimeter of the department's network and set appropriate controls on mainframe access, GAO officials said that information about payroll and financial transactions, agricultural production and marketing estimates, and other sensitive information "are at increased risk of unauthorized disclosure, modification or loss, possibly without being detected."

In the report, which was completed Jan. 30 and publicly released today, GAO faulted the department for lacking a comprehensive program for dealing with electronic and physical security matters. Citing specific areas where the department has fallen behind, the report states that three USDA agencies had still not conducted risk assessments of their information systems. Furthermore, the department had tested the security controls on only half of its information systems in the past year, auditors found.

GAO found instances where servers were configured to allow unauthorized users to connect to the network without entering a valid user ID and password. Once connected, unauthorized users could gain access to system information, including user ID and password information.

The report also cited a USDA inspector general's report last year, which concluded that "lack of management involvement has been a key factor in agencies' poor security performance." GAO officials, in their more recent report, concurred.

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.