GAO blasts Agriculture security

January 2004 GAO report on Agriculture

Related Links

The Agriculture Department received a stinging reprimand from the General Accounting Office in January for what Congressional auditors said was a poor record of protecting electronic information.

USDA officials did not dispute GAO's assessment of the department's security weaknesses, which a report characterized as "significant, pervasive information security control weaknesses."

The USDA was one of seven federal agencies that received an F last year when Rep. Adam Putnam (R-Fla.) passed out grades on information security.

Citing USDA managers' failure to protect the perimeter of the department's network and set appropriate controls on mainframe access, GAO officials said that information about payroll and financial transactions, agricultural production and marketing estimates, and other sensitive information "are at increased risk of unauthorized disclosure, modification or loss, possibly without being detected."

In the report, which was completed Jan. 30 and publicly released today, GAO faulted the department for lacking a comprehensive program for dealing with electronic and physical security matters. Citing specific areas where the department has fallen behind, the report states that three USDA agencies had still not conducted risk assessments of their information systems. Furthermore, the department had tested the security controls on only half of its information systems in the past year, auditors found.

GAO found instances where servers were configured to allow unauthorized users to connect to the network without entering a valid user ID and password. Once connected, unauthorized users could gain access to system information, including user ID and password information.

The report also cited a USDA inspector general's report last year, which concluded that "lack of management involvement has been a key factor in agencies' poor security performance." GAO officials, in their more recent report, concurred.

Featured

  • Cybersecurity
    Shutterstock photo id 669226093 By Gorodenkoff

    The disinformation game

    The federal government is poised to bring new tools and strategies to bear in the fight against foreign-backed online disinformation campaigns, but how and when they choose to act could have ramifications on the U.S. political ecosystem.

  • FCW PERSPECTIVES
    sensor network (agsandrew/Shutterstock.com)

    Are agencies really ready for EIS?

    The telecom contract has the potential to reinvent IT infrastructure, but finding the bandwidth to take full advantage could prove difficult.

  • People
    Dave Powner, GAO

    Dave Powner audits the state of federal IT

    The GAO director of information technology issues is leaving government after 16 years. On his way out the door, Dave Powner details how far govtech has come in the past two decades and flags the most critical issues he sees facing federal IT leaders.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.