IG finds FEMA's laptop security faulty

"Improved Administration Can Enhance Federal Emergency Management Laptop Computer Security" (.pdf)

Related Links

The Federal Emergency Management Agency does not have effective procedures to protect information contained on its laptop computers, according to a new report from Richard Skinner, the Homeland Security Department’s inspector general.

The IG tested 298 of the 32,000 laptop computers FEMA has in its inventory and discovered significant shortcomings in the agency’s ability to set security configurations, conduct patching to remedy vulnerabilities and manage its inventory.

“As a result, sensitive information stored and processed in FEMA’s laptop computers may not be protected properly,” Skinner wrote in the report.

The same ineffective configurations extend to FEMA’s desktop computers, suggesting that the problem is widespread throughout the agency, the report states.

Skinner said his staff was unable to review FEMA’s compliance with the requirements of the Federal Information Security Management Act because the agency did not have a complete inventory of its laptop computers.

FEMA officials agreed with the IG’s report.

Alice Lipowicz writes for Washington Technology, an 1105 Government Information Group publication.

Featured

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

  • Cloud
    cloud migration

    DHS cloud push comes with complications

    A pressing data center closure schedule and an ensuing scramble to move applications means that some Homeland Security components might need more than one hop to get to the cloud.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.