AOH :: IS1093.HTM

TIGTA: The IRS lacks secure Web servers

TIGTA: The IRS lacks secure Web servers
TIGTA: The IRS lacks secure Web servers

  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

Content-Transfer-Encoding: QUOTED-PRINTABLE

By Mary Mosquera
September 4, 2008

Unauthorized and insecure Web servers connect to the Internal Revenue 
Service=E2=80=99s network, which puts the agency=E2=80=99s computers and entire network 
at risk of unauthorized access to taxpayer and personally identifiable 
information, the Treasury Inspector General for Tax Administration said 
in a recent report [1].

The IRS has 1,811 unapproved internal Web servers on the network and 
2,093 internal Web servers that have some security weaknesses, the TIGTA 
report, released Sept. 3, states.

The IRS requires that business units register all internal Web sites and 
Web servers with the Modernization and Information Technology Services 
organization, but some fail to register their servers, the report 
states. The IRS might block unregistered servers from sharing 
information with the network.

Because no office had responsibility for the Web registration program, 
the IRS has not enforced the requirement, allowing Web servers to 
connect to the network without proper authorization and accountability, 
the report states.



Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Register now for HITBSecConf2008 - Malaysia! With 
a new triple-track conference featuring 4 keynote 
speakers and over 35 international experts, this 
is the largest network security event in Asia and 
the Middle East! 

Site design & layout copyright © 1986-2015 CodeGods