Network security: The auditors point of view
sean at donelan.com
Mon Dec 10 04:38:04 UTC 2001
On Sun, 9 Dec 2001, Patrick Greenwell wrote:
> I have no personal knowledge of the DOI's infrastructure, and unless you
> do, I think we're all left to speculate as to whether or not the "home
> page server" of the DOI had access to the Indian trust data. My
> speculation would be that it does if it's Internet connected...
The great thing about our government is public oversight. It may be
embarrassing to the managers involved, but Interior's computer security
is detailed in several places.
Information Security: Weak Controls Place Interior's Financial and Other
Data at Risk. July 3 2001.
DoI responds: "While this audit, as well as previous audits, have
identified areas where NBC-Denver can improve its management controls,
none of these audits has ever shown that the integrity of the financial
data has ever been compromised. Our on-going operations have provided our
customers accurate financial information and timely delivery of services."
More information about the NANOG