What computer weaknesses open the door to a local government data breach? Missouri’s state auditor, Nicole Galloway, has summed up the results of multiple local audits to pinpoint the most common data security shortcomings. The list is designed to provide insight to Missouri locals, but any local government could benefit by taking a look.
Here are the five data breach trouble areas for local governments in Missouri:
1. Too wide access. We see this over and over again in government audits. Employees are able to get into multiple systems that are not actually needed and too often they retain access after leaving a job.
2. Employees are sloppy about passwords with many local entities failing to put in place rules about changing passwords or making them more secure.
3. Security software is not in place and inactive computers stay on rather than closing down after a period in which no one is working on them.
4. Data isn’t backed up.
5. Edits are too widely permitted, enabling employees to potentially alter or even destroy data.
For each security issue, the report lists the entities that were cited for the issue during an audit between July 2016 and June 2017. The most common problem involved passwords that were left in place too long without alteration.