http://www.fcw.com/online/news/154093-1.html



By Alice Lipowicz

FCW.com

October 16, 2008



The Homeland Security Department has not deployed effective controls on 

portable storage devices that may be attached to its unclassified 

computer systems, according to an audit report [1] from DHS Inspector 

General Richard Skinner released today.



“DHS has not implemented effective controls to restrict unauthorized 

devices from being connected to DHS’ unclassified systems,” the audit 

stated.



The proliferation of portable storage devices that include external hard 

drives, flash drives and jump drives has been recognized as a risk for 

computer security. If unauthorized devices are connected to a federal 

network, that may result in unauthorized access or theft of sensitive 

information.



During the audit, which was performed from February to May, the IG 

identified unauthorized data storage devices connected to departmental 

servers and workstations at 11 DHS component agencies, though it was not 

clear whether the devices were functioning or whether data had been 

transferred from those devices.



[1] http://www.dhs.gov/xoig/assets/mgmtrpts/OIG_08-95_Sep08.pdf



[...]





__________________________________________________      

Register now for HITBSecConf2008 - Malaysia! With 

a new triple-track conference featuring 4 keynote 

speakers and over 35 international experts, this 

is the largest network security event in Asia and 

the Middle East! 

http://conference.hackinthebox.org/hitbsecconf2008kl/



Received on Thu Oct 16 2008 - 23:29:20 PDT