IG Flags Transportation Worker Identification Credential (TWIC) Program for Major Security Holes
Wade-Hahn Chan writes on FCW.com:
The Department of Homeland Security needs to address some basic security problems before fully deploying its system for issuing biometric-based identification cards to transportation workers nationwide, according to a report from the department's inspector general.More here.
A redacted version of the report, released Aug. 2, states that the Transportation Worker Identification Credential (TWIC) program has significant security vulnerabilities in its systems, documentation and program management.
“The security-related issues identified may threaten the confidentiality, integrity and availability of sensitive TWIC data,” the report states. “Until remedied, the significant security weaknesses jeopardize the certification and accreditation of the systems prior to full implementation of the TWIC program.”
Specifics on the number and types of vulnerabilities were censored in the edited report. However, the problems are related to default security settings and accounts as well as patch management, the report indicates.
0 Comments:
Post a Comment
<< Home