Department Of The Interior Can't Locate Many PCs - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Cloud // Cloud Storage
News
5/26/2009
04:53 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Department Of The Interior Can't Locate Many PCs

The federal agency can't locate 20% of its computers and, because it has no encryption requirements, the missing PCs could be vulnerable to data theft or loss.

The Department of the Interior can't specifically locate 20% of a sample of 2,500 computers -- largely in the Fish and Wildlife Service -- and is definitely missing at least 13 computers, according to a report by the department's inspector general. To make matters worse, the department has no encryption requirements, so there's concern that missing PCs might be vulnerable to data theft or loss.

In many cases, the Interior Department can't even tell where or to whom agency computers are assigned, the report noted. Fish and Wildlife Service records were singled out as especially poor. The Interior Department's accountability is bad enough that the 13 computers identified as missing wouldn't have even been identified as such if not for the inspector general's report.

Between October 2007 and November 2008, the department reported the loss of 66 laptops, including 17 losses identified as "high criticality." The agencies with the highest reported incidence of loss were actually the ones most able to provide information on the locations of their laptops to the inspector general, suggesting that these numbers could be even higher.

"Given the department's diverse missions, varying and often opposing constituencies, and controversial issues including environmental and Indian trust matters, infrastructure assets such as dams, bridges, and monuments, and land and minerals management activities, information control is essential," the inspector general wrote in the report.

Despite policies mandated by the Federal Information Systems Management Act and other regulations, including rules that say computers should not be left unattended in plain view and that organizations should establish policies to protect their systems from unauthorized access, the Department of the Interior doesn't require that any hardware that costs less than $5,000 -- that would cover most PCs -- be tracked in an asset management system, and the current tracking system doesn't have proper backing, according to the report.

That system, run by the National Business Center, only recently began, and the report says that it's "facing challenges" because the various Interior Department subagencies individually report laptop purchases to the NBC.

The report recommends that the department take a number of steps to improve asset management, including establishing a consistent chain of custody for computers, consistently wiping drives clean before disposing of PCs, reporting all losses or thefts to a centralized Computer Incident Response Center, and immediately encrypting all departmental PCs.


InformationWeek Analytics has published an independent analysis on what executives really think about security. Download the report here (registration required).

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Slideshows
What Digital Transformation Is (And Isn't)
Cynthia Harvey, Freelance Journalist, InformationWeek,  12/4/2019
Commentary
Watch Out for New Barriers to Faster Software Development
Lisa Morgan, Freelance Writer,  12/3/2019
Commentary
If DevOps Is So Awesome, Why Is Your Initiative Failing?
Guest Commentary, Guest Commentary,  12/2/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Getting Started With Emerging Technologies
Looking to help your enterprise IT team ease the stress of putting new/emerging technologies such as AI, machine learning and IoT to work for their organizations? There are a few ways to get off on the right foot. In this report we share some expert advice on how to approach some of these seemingly daunting tech challenges.
Slideshows
Flash Poll