FEDERAL GOVERNMENT AGENCIES DON’T PROTECT PERSONAL INFORMATION

This week a report released by the Government Accountability Office (GAO) has summarized the results of a nine month study of 24 major federal agencies. The study looked into how well agencies are keeping tabs on the security of their data resources including personal information.
"Agencies have not adequately designed and effectively implemented policies for periodically testing information security controls," wrote Gregory C. Wilshusen, director of information security issues for the GAO. "While almost all agencies had documented policies for security testing, the policies did not always adequately address elements important for effective testing."
Six agencies were targeted for in-depth studies. The GAO found that these agencies did not document their test methods and results, failed to define assessment methods, didn't test their controls and couldn't determine whether previously reported problems had been addressed.
Government agencies are mandated by the Federal Information Security Management Act (FISMA) to take these steps and others to improve information security within the federal government.
KnightsBridge Castle complies with all federal and state requirements for information security. It’s unfortunate that the federal government may indeed not be in compliance with the rules it applies to individuals and business.