Cloud

GSA IT is vulnerable, IG says

Shutterstock image (by wk1003mike): cloud system fracture.

In a semiannual report to Congress released Nov. 30, the General Services Administration's Office of Inspector General highlighted a series of IT vulnerabilities and challenges at the agency.

The IT notes are part of the report's broad account of the IG's fiscal 2015 activities: 161 investigations opened, 204 closed and recommendations to put $1.3 billion in funding to better use that fiscal year.

"GSA IT systems do not always use effective data models, business rule validation checks or data exchange specifications to ensure data quality," the report states. "Challenges exist because GSA systems often do not integrate with each other, resulting in duplication of business processes, cost inefficiencies and customer dissatisfaction."

In particular, the report cites integration problems with GSA's Authorized Leave and Overtime Help Application and the Electronic Time and Attendance Management System.

"Due to design weaknesses in the interface between the two systems, GSA does not have sufficient assurance that the leave balances for thousands of its employees are accurate," the report states, noting that thousands of employees have been affected by discrepancies.

The report also addresses outstanding "sensitive data access control vulnerabilities within GSA's cloud computing environment" that were first reported in October 2014.

The vulnerability details were restricted, but IG spokeswoman Sarah Breen said five of the IG's eight recommendations remained open as of early December, despite being due to be closed by Nov. 15.

"However, the final verification of the outstanding corrective actions is in process, and we expect it to be complete soon," she added.

About the Author

Zach Noble is a former FCW staff writer.

Featured

  • People
    2021 Federal 100 Awards

    Announcing the 2021 Federal 100 Award winners

    Meet the women and men being honored for their exceptional contributions to federal IT.

  • Comment
    Diverse Workforce (Image: Shutterstock)

    Who cares if you wear a hoodie or a suit? It’s the mission that matters most

    Responding to Steve Kelman's recent blog post, Alan Thomas shares the inside story on 18F's evolution.

Stay Connected