AOH :: IS1487.HTM

Auditor: IRS must review network audit logs




Auditor: IRS must review network audit logs
Auditor: IRS must review network audit logs



  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

--1457021584-2014377816-1229411598=:11531
Content-Type: TEXT/PLAIN; CHARSET=UTF-8
Content-Transfer-Encoding: QUOTED-PRINTABLE
Content-ID:  

http://www.fcw.com/online/news/154687-1.html 

By Mary Mosquera
FCW.com
December 15, 2008

The Internal Revenue Service should bolster network and information 
security by improving how it manages audit logs, the Treasury Inspector 
General for Tax Administration said.

TIGTA made the recommendation while acknowledging that the agency has 
effectively deployed systems to detect network intrusions at Internet 
gateways.

Audit logs record who accessed a computer system, what operations they 
performed and when, TIGTA said in a report released today. The auditor 
redacted portions of the report.

The IRS did not properly save and review its audit logs, which increased 
the likelihood that intruders could use the Internet to gain access to 
sensitive taxpayer data without detection, the report states.

Auditing system logs is essential for detecting potential security 
events, such as hacking attempts and other threats, said Michael 
Phillips, TIGTA=E2=80=99s deputy inspector general for audit. Proper management 
of audit logs ensures that operations performed on a system can be 
traced back to an individual at a specific time, he added.

To minimize the risk to taxpayer data, the IRS has consolidated about 95 
percent of its Internet traffic into a limited number of gateways, the 
report states, although TIGTA redacted the number of external 
connections. The Office of Management and Budget has directed all 
agencies to reduce the number of gateways they have under the Trusted 
Internet Connections initiative.

[...]


--1457021584-2014377816-1229411598=:11531
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________      
Help InfoSecNews.org with a donation!
http://www.infosecnews.org/donate.html 

--1457021584-2014377816-1229411598=:11531--

Site design & layout copyright © 1986-2014 CodeGods