Computer Crime Research Center

etc/eye2.jpg

Government data need more security

Date: December 12, 2005
Source: Computer Crime Research Center
By: Tim Pugmire

For the second time this year, government investigators are warning about potential security problems in state computers. Hackers have not yet breached any computers since the weaknesses were highlighted last spring. But a new report issued on Wednesday by the Office of the Legislative Auditor says the private data stored by various state agencies are still at risk.

St. Paul, Minn. — Eight months ago, a state investigation found serious security flaws in the Department of Public Safety's system for online renewal of vehicle license tabs. There was no evidence that any hackers had gotten in and stolen motorists' private information, but state officials shut down the Web site to fix the problems. Other department Web sites were also checked for security weaknesses.

With the release of his latest report, Legislative Auditor James Nobles told lawmakers that the state's most important computers remain vulnerable.

"It's mainframe computers. Those are the big machines that store a lot of data and perform many core state functions. and because they're not adequately secured, that means that data in those machines are subject to too much risk, to too much unauthorized access and to too much abuse," he said.

Those three mainframe computers are critical to the state's business operations, which include social service programs, tax collection, licensing and state employee payroll.

Chris Buse, of the Office of the Legislative Auditor, says one of the security weaknesses comes from granting too much access. He says many state workers can view private information that is not required to perform their jobs. Buse says he also found security measures for some programs could be easily bypassed.
Original article



Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo