By Robert McMillan
April 09, 2007
IDG News Service
After an auditor found serious security problems in the way it handled
sensitive data on laptops, the Internal Revenue Service said it will
have all laptops encrypted within the next few weeks.
Speaking in an interview with National Public Radio over the weekend,
Internal Revenue Service Commissioner Mark Everson said his organization
was making the effort following a recently released audit that found
unencrypted data on a large percentage of IRS laptop computers.
"What the report showed, which was correct, was that we weren't taking
the proper steps to protect some laptops," Everson said. "We've worked
to encrypt all of the laptops and that's just about done. We've got a
couple dozen more we've got to finish up in the next few weeks."
Auditors tested 100 laptop computers used by IRS employees and found
that 44 of them contained "unencrypted sensitive data, including
taxpayer data and employee personnel data."
The audit was conducted by the Treasury Inspector General for Tax
Administration. It also determined that nearly 500 IRS laptops went
missing between Jan. 2, 2003 and June 13, 2006.
A 2003 audit found similar problems within the IRS.
Everson defended his department's security practices, however. "Every
day there are attempts to get into our databases," he said. "And there
has never been a penetration of the IRS databases from the outside."
Subscribe to InfoSec News