It’s not always malicious hackers and purported state actors that expose weaknesses in government systems. Sometime it’s other government agencies as well. This was the case when federal watchdog, the Government Accountability Office, audited and subsequently called out the Federal Deposit Insurance Corporation for its lax IT security practices. Among the FDIC’s weaknesses were a serious lack of strong password use and a failure to review user-access and encrypt sensitive financial information. Further, the GAO’s report noted the FDIC’s failure to implement controls that attempt to segregate incompatible duties, manage system configurations, and implement patches.
(Image via zieak‘s Flickr photostream, Creative Commons)