Government data need more security
Date: December 12, 2005Source: Computer Crime Research Center
By:
For the second time this year, government investigators are warning about potential security problems in state computers. Hackers have not yet breached any computers since the weaknesses were highlighted last spring. But a new report issued on Wednesday by the Office of the Legislative Auditor says the private data stored by various state agencies are still at risk.
St. Paul, Minn. — Eight months ago, a state investigation found serious security flaws in the Department of Public Safety's system for online renewal of vehicle license tabs. There was no evidence that any hackers had gotten in and stolen motorists' private information, but state officials shut down the Web site to fix the problems. Other department Web sites were also checked for security weaknesses.
With the release of his latest report, Legislative Auditor James Nobles told lawmakers that the state's most important computers remain vulnerable.
"It's mainframe computers. Those are the big machines that store a lot of data and perform many core state functions. and because they're not adequately secured, that means that data in those machines are subject to too much risk, to too much unauthorized access and to too much abuse," he said.
Those three mainframe computers are critical to the state's business operations, which include social service programs, tax collection, licensing and state employee payroll.
Chris Buse, of the Office of the Legislative Auditor, says one of the security weaknesses comes from granting too much access. He says many state workers can view private information that is not required to perform their jobs. Buse says he also found security measures for some programs could be easily bypassed.
Add comment
Email to a Friend
