In response to a report issued by the Treasury Department Inspector General for Tax Administration (TIGTA), the IRS failed to revoke access to sensitive tax systems from contractors and didn’t have protections for some of those systems to prevent unauthorized removal of taxpayer data.
Melvin Lammerts, Hacking Lead at Hadrian had this comment:
“The IRS’s lax practices of neglecting to revoke access for unqualified contractors and lacking sufficient data protection measures expose serious security risks; while acknowledging the problem is a start, concrete actions like strict access controls and enhanced data security are imperative to safeguarding taxpayer information.”
This example should be noted by businesses and organizations of all sorts to make sure that their access control policies are solid and are actually followed. Otherwise they risk a major event that would have the potential to harm many.
Like this:
Like Loading...
Related
This entry was posted on February 12, 2024 at 1:44 pm and is filed under Commentary with tags Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
IRS Struggles With Poor Taxpayer Data Protections Says Report
In response to a report issued by the Treasury Department Inspector General for Tax Administration (TIGTA), the IRS failed to revoke access to sensitive tax systems from contractors and didn’t have protections for some of those systems to prevent unauthorized removal of taxpayer data.
Melvin Lammerts, Hacking Lead at Hadrian had this comment:
“The IRS’s lax practices of neglecting to revoke access for unqualified contractors and lacking sufficient data protection measures expose serious security risks; while acknowledging the problem is a start, concrete actions like strict access controls and enhanced data security are imperative to safeguarding taxpayer information.”
This example should be noted by businesses and organizations of all sorts to make sure that their access control policies are solid and are actually followed. Otherwise they risk a major event that would have the potential to harm many.
Share this:
Like this:
Related
This entry was posted on February 12, 2024 at 1:44 pm and is filed under Commentary with tags Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.