The agency responsible for protecting deposits in U.S. banks has weak information security controls, threatening the security of financial data, a Government Accountability Office report says.
The report, published Aug. 12, examined the Federal Deposit Insurance Corporation’s controls designed to ensure the confidentiality, integrity and availability of its financial systems and information.
GAO found the FDIC did not always require strong passwords on its financial systems and databases, nor encrypted financial information transmitted over and stored on the corporation’s network.
GAO credited the FDIC for developing and documenting a security program and implementing actions to correct weaknesses previously identified by GAO.
GAO found the FDIC’s actions corrected 26 of the 33 identified weaknesses but warned against complacency in making data more secure.
“If left unaddressed, these issues will continue to increase FDIC’s risk that its sensitive
and financial information will be subject to unauthorized disclosure, modification, or destruction,†the report says.
Click here to read the full report.
