Home / News / Inspector General: DOI Must Update Logical Access Controls to Protect Sensitive Data

Inspector General: DOI Must Update Logical Access Controls to Protect Sensitive Data

cybersecurityThe Interior Department‘s Office of Inspector General has recommended that DOI update its logical access control policies in order to meet current sensitive data protection requirements established by the National Institute of Standards and Technology.

DOI OIG said in an Aug.8 audit report it reviewed the department’s security policies and procedures that apply to its computer networks and systems related to logical access control practices, multifactor verification, software inventory, threat prevention and contract oversight.

The inspector general found that the department implemented multifactor authentication to protect its sensitive systems and software inventory management from unauthorized access.

DOI should implement measures to prevent unauthorized access to privileged functions as well as audit trails to monitor user access and prevent insider threats, the IG added.

The IG also urged the department to encrypt its mobile devices to protect sensitive data from theft when a device is lost or stolen.

Check Also

OMB Directs Phase One Implementation of Evidence Act

The Office of Management and Budget released a memo on Wednesday calling on agencies to implement phase one of the Foundations for Evidence-Based Policymaking Act of 2018. OMB urges agencies to deploy a four-step approach to implementing the Evidence Act which “mandates a systematic rethinking of government data management to better facilitate access for evidence-building activities and public consumption.”

Leave a Reply

Your email address will not be published. Required fields are marked *