GAO: FDIC Needs Stronger Security Controls
Author: Dave Lewis
Meh, they only handle the insurance for your money. No biggie right?
From FCW:
A key reason for the latest weaknesses the auditors found is that the FDIC did not always fully implement critical information security program activities, GAO said.
For example, multiple FDIC users shared the same login ID and password, had unrestricted access to application source code and used a password that was not adequately encrypted. The FDIC also did not fully test configuration controls, GAO reported,
Until the FDIC fully performs key information security program activities, GAO said there is an increased risk that it may not be able to maintain sufficient control over its financial systems and information.
Yeah, see that’s bad m’kay.
