Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive
150x172_CUEffect.jpg
Contacts
LISA MCCUEVICE PRESIDENT OF COMMUNICATIONS
EDITOR-IN-CHIEF
MICHELLE WILLITSManaging Editor
RON JOOSSASSISTANT EDITOR
ALEX MCVEIGHSTAFF NEWSWRITER
TOM SAKASHSTAFF NEWSWRITER

News Now

Washington
Info security needs improvements NCUA IG says
ALEXANDRIA, Va. (11/21/11)--The National Credit Union Administration (NCUA) has improved its overall data security and privacy programs, but there is still room to strengthen its overall personal information privacy program, security authorization packages, contingency planning program, intrusion detection policies and procedures, and remote access controls, according to the agency's Office of the Inspector General (OIG).

The OIG engaged an outside firm to examine the agency's information security and privacy management policies and procedures, and to determine the NCUA's level of compliance with federal information security standards.

In the report, the OIG recommended that the NCUA work to reduce the "use, collection and retention" of personally sensitive identifying information such as employee social security numbers.

Reviewing and potentially reducing the use of social security numbers and other sensitive information "will reduce the risk of exposing [the NCUA's] sensitive data to a breach of confidentiality by an authorized or unauthorized entity" and "could prevent public embarrassment for the agency and a loss of trust by the public," the report said.

The OIG also recommended that the NCUA improve its contingency planning program for its Federal Information Security Management Act (FISMA) systems in its review of the NCUAs information systems, security program and controls for compliance with FISMA.

The report noted that the NCUA has improved its server and desktop computer security configurations, its automated information security processes, its contingency planning for FISMA systems, and its continuing education requirements for its own information technology employees.

The OIG in last year's review credited the NCUA with improving its overall IT security program by enhancing its policies and procedures, completing e-Authentication risk assessments for its two e-Authentication systems, and completing security control assessments for five of its six FISMA systems.

For the full report, use the resource link.
Other Resources

RSS





print
News Now LiveWire
CUNA: CUNA offices closed through Friday, News Now returns Monday http://t.co/a5xbLzQKDj
12 24 ago
Reminder: @CUNA's Madison, D.C. offices will be closed through Friday, open again on Monday. #NewsNow will publish Monday.
12 23 ago
MI dentist to match @CUDirect's $20K to @HurleyMedical as a result of #20for20 online voting http://t.co/hqmIc9LpK1 @CMNHospitals
12 23 ago
New #creditunion chartered in St. Louis - #LutheranFCU - by @TheNCUA http://t.co/faPfANGS0P. Only 3rd new FCU charter this year.
12 23 ago
Don't get hacked during the holidays-use these tips from @CUNA http://t.co/jEqxni6NhO #StoptheDataBreaches http://t.co/woIxPOIyys
12 23 ago