Posted on Friday, October 17, 2008 9:19 AM
The Homeland Security Department has not deployed effective controls on
portable storage devices that may be attached to its unclassified
computer systems, according to an audit report [1] from DHS Inspector
General Richard Skinner released today.
“DHS has not implemented effective controls to restrict unauthorized
devices from being connected to DHS’ unclassified systems,” the audit
stated.
The proliferation of portable storage devices that include external hard
drives, flash drives and jump drives has been recognized as a risk for
computer security. If unauthorized devices are connected to a federal
network, that may result in unauthorized access or theft of sensitive
information.
During the audit, which was performed from February to May, the IG
identified unauthorized data storage devices connected to departmental
servers and workstations at 11 DHS component agencies, though it was not
clear whether the devices were functioning or whether data had been
transferred from those devices.
Read more :
http://www.dhs.gov/xoig/assets/mgmtrpts/OIG_08-95_Sep08.pdf