An internal review has uncovered weak security practices when it comes to information technology at Public Safety Canada — from lax controls on the use of portable flash drives to inadequate awareness and training.
It called for several improvements to ensure the security and integrity of information at Public Safety, the umbrella department for the RCMP, the Canadian Security Intelligence Service, the Correctional Service and the Parole Board of Canada.
The Public Safety audit found there was no formal means within the federal department to systematically identify, analyze and evaluate information-technology security risks.
Officials did not conduct periodic reviews or ongoing monitoring of network access privileges, the report says.
No comments:
Post a Comment