Computerworld - WASHINGTON -- A federal agency created in the 1930s to help restore economic confidence during the Great Depression isn't winning the confidence of a congressional watchdog agency for its information security practices.
The Federal Deposit Insurance Corp. was faulted by the U.S. General Accounting Office for access policies that give hundreds of end users privileges that allow them to modify financial software, as well as read, modify and copy financial data, the GAO said in a report (download PDF) today.
Many end users had access to "powerful" systems commands, including 26 help desk employees and 14 database staffers who didn't need access to these commands, the GAO said.
The FDIC has been previously faulted by the GAO for poor IT security. But the GAO acknowledged that the FDIC has taken steps to improve its operations, including the use of a guard service to provide security surveillance of its computer rooms and an assessment of data to determine the level of security needed to protect it.
The FDIC, in a written response, said the GAO's findings will help it improve security.
The FDIC insures deposits in excess of $3.2 trillion for about 10,000 financial institutions.
Read more about Security in Computerworld's Security Topic Center.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
