Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] Audit finds state computer security needs improvement

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] Audit finds state computer security needs improvement
Date: Thu, 22 Jun 2006 02:31:00 -0500 (CDT) 
http://www.billingsgazette.net/articles/2006/06/20/news/state/24-computer-audit.txt

By The Associated Press
June 20, 2006

HELENA -- The state computer system building, and the taxpayer
information and other sensitive data it holds, are vulnerable to
security breaches, legislative auditors told lawmakers Tuesday.

The audit came one day after the state computer system's second
failure in less than a month.

The computer system for much of state government, including servers
and key network systems, is housed in the basement of a 60-year-old
building that is not completely secure, legislative auditors said.

The computer systems are behind a door that requires an access
keycard, but the wall does not extend to the ceiling, the audit said.
Legislative Audit Division staff said the computer center relies on
"security through obscurity."

State Chief Information Officer Dick Clark said his staff has
developed a series of quick deadlines to meet improvements suggested
by the auditors. The governor's office also has talked about
constructing a new building for the computer system.

Lawmakers said the lack of security is a big problem because state
computers warehouse a lot of sensitive data, including complete
records on taxpayers and others.

"I think this is some pretty serious stuff," said Rep. Dee Brown,
R-Hungry Horse.

Clark said his agency also is reviewing the credentials given to
people who have access to the computer system's location.

Auditors made a number of suggestions, including the need for a better
inventory of all the systems and data in the computer center, more
intense security precautions, and strengthened safeguards to mitigate
risks associated with earthquakes or flooding in the building's
basement.

The shutdown of the computer system on Monday had nothing to do with
security.

The system shut itself down after a fire alarm went off in the
building and fire extinguishers released a chemical to suck oxygen
from the air. The equipment was brought back on line late in the
afternoon.

In late May, most of the state computer system went down for a day
when a major piece of network equipment failed.

Copyright © The Billings Gazette



_________________________________
Attend the Black Hat Briefings and
Training, Las Vegas July 29 - August 3
2,500+ international security experts from 40 nations,
10 tracks, no vendor pitches.
www.blackhat.com
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISN] Audit finds state computer security needs improvement, InfoSec News <=
Previous by Date:  [ISN] Wi-Fi drivers open laptops to hackers, InfoSec News
Next by Date:  [ISN] UBS Trial: Defense Attacks 'Sloppy' Investigation, InfoSec News
Previous by Thread:  [ISN] Wi-Fi drivers open laptops to hackers, InfoSec News
Next by Thread:  [ISN] UBS Trial: Defense Attacks 'Sloppy' Investigation, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]