IG finds FEMA's laptop security faulty

"Improved Administration Can Enhance Federal Emergency Management Laptop Computer Security" (.pdf)

Related Links

The Federal Emergency Management Agency does not have effective procedures to protect information contained on its laptop computers, according to a new report from Richard Skinner, the Homeland Security Department’s inspector general.

The IG tested 298 of the 32,000 laptop computers FEMA has in its inventory and discovered significant shortcomings in the agency’s ability to set security configurations, conduct patching to remedy vulnerabilities and manage its inventory.

“As a result, sensitive information stored and processed in FEMA’s laptop computers may not be protected properly,” Skinner wrote in the report.

The same ineffective configurations extend to FEMA’s desktop computers, suggesting that the problem is widespread throughout the agency, the report states.

Skinner said his staff was unable to review FEMA’s compliance with the requirements of the Federal Information Security Management Act because the agency did not have a complete inventory of its laptop computers.

FEMA officials agreed with the IG’s report.

Alice Lipowicz writes for Washington Technology, an 1105 Government Information Group publication.

Featured

  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected