Your own people may be the problem
A recent independent audit of computer systems at five Internal Revenue Service field offices found dozens of security lapses. Five out of 12 systems administrators and security specialists, for instance, did not know who was responsible for maintaining Microsoft Corp. Windows workstations and servers or for applying and testing security patches.
At least eight out of 12 administrators whom the auditors interviewed said they had not been checking computers under their control for unauthorized changes to systems that were supposed to be kept securely configured.
By Florence Olsen at FCW.
[ Read more ]