Confidential communication (51 - 60 of 78 items)
Information Security: Computer Attacks at Department of Defense Pose Increasing Risks
T-AIMD-96-92: Published: May 22, 1996. Publicly Released: May 22, 1996.
GAO discussed information security procedures at the Department of Defense (DOD). GAO noted that: (1) as many as 250,000 DOD computer systems were attacked in 1995; (2) hackers successfully penetrate DOD computer systems 65 percent of the time; (3) hackers attack DOD computer systems to steal and destroy sensitive data and install reentry devices; (4) these attacks cost the government over half a...
Classified Information: Costs of Protection Are Integrated With Other Security Costs
NSIAD-94-55: Published: Oct 20, 1993. Publicly Released: Nov 29, 1993.
Pursuant to a congressional request, GAO reviewed the costs of protecting national security information.GAO found that: (1) governmentwide costs directly applicable to national security information totalled over $350 million in 1992, including $239 million for security clearances, $58 million for secure equipment, $49 million for courier services, and $6 million for declassification work; (2) in a...
Document Security: Justice Can Improve Its Controls Over Classified and Sensitive Documents
GGD-93-134: Published: Sep 7, 1993. Publicly Released: Sep 20, 1993.
Pursuant to a congressional request, GAO reviewed the Department of Justice's protection of classified and sensitive documents, focusing on the: (1) security compliance review activities of the Security Compliance Review Group (SCRG); (2) Federal Bureau of Investigation's (FBI) nightly security inspections of its headquarters building; and (3) controls placed on classified documents sent between t...
GSA's Computer Security Guidance
AIMD-93-7R: Published: Jul 19, 1993. Publicly Released: Aug 17, 1993.
Pursuant to a congressional request, GAO reviewed Federal Information Resources Management Regulation (FIRMR) Bulletin C-22, which provides guidance to federal agencies on the security and privacy protection of federal computer resources. GAO noted that the guidance: (1) is intended for general use by federal agencies; (2) does not address the various types of sensitive information disclosure; and...
Computer Security: DEA Is Not Adequately Protecting Sensitive Drug Enforcement Data
IMTEC-92-83: Published: Sep 22, 1992. Publicly Released: Sep 30, 1992.
Pursuant to a congressional request, GAO assessed the adequacy of the Drug Enforcement Administration's (DEA) computer security, focusing on: (1) DEA compliance with laws and requirements for protecting sensitive computer information; and (2) Department of Justice (DOJ) oversight of DEA compliance with computer security requirements.GAO found that: (1) DEA has not identified all of its computer sy...
Computer Security: DEA's Handling of Sensitive Drug Enforcement and National Security Information Is Inadequate
T-IMTEC-92-24: Published: Sep 30, 1992. Publicly Released: Sep 30, 1992.
GAO discussed computer security at the Drug Enforcement Administration (DEA). GAO noted that: (1) DEA relies heavily on computerized systems to access sensitive information; (2) DEA computer security risks included failure to identify computers processing sensitive information, use of unapproved equipment to process sensitive information, and unusually lax physical security over areas in which cla...
Computer Security: Agencies Reported Having Implemented Most System Security Controls
IMTEC-92-45: Published: Apr 30, 1992. Publicly Released: Jun 1, 1992.
Pursuant to a congressional request, GAO reviewed 12 federal agencies' implementation of security controls for their computer systems containing sensitive information, focusing on their security plans and supporting documentation.GAO found that, as of January 1992, the agencies: (1) had implemented about 88 percent of planned controls for 27 systems; and (2) reported that 44 planned security contr...
Computer Security: Hackers Penetrate DOD Computer Systems
T-IMTEC-92-5: Published: Nov 20, 1991. Publicly Released: Nov 20, 1991.
GAO discussed the intrusions of Dutch hackers into Department of Defense (DOD) unclassified, sensitive computer systems during Operation Desert Storm/Shield. GAO noted that: (1) computer hackers from the Netherlands penetrated 34 DOD sites attached to Internet, an unclassified network composed of smaller networks nationwide and overseas, between April 1990 and May 1991; (2) the hackers had access...
Computer Security Weaknesses at the Department of Justice
T-IMTEC-91-15: Published: Jun 27, 1991. Publicly Released: Jun 27, 1991.
GAO discussed computer security weaknesses in the Department of Justice's (DOJ) computer systems that store highly sensitive law enforcement information. GAO noted that DOJ: (1) security weaknesses have life-and-death implications for such individuals as witnesses, informants, and law enforcement officials whose identities could be disclosed because of inadequate controls; (2) did not develop secu...
Serious Questions Remain About Justice's Management of ADP and Computer Security
T-IMTEC-91-17: Published: Jun 27, 1991. Publicly Released: Jun 27, 1991.
GAO discussed the Department of Justice's (DOJ) management of its automatic data processing (ADP) resources and its computer security. GAO noted that: (1) the actions DOJ took to address ADP management shortcomings have mainly been organizational and structural and may be insufficient to solve the pervasive problems in DOJ information resources management (IRM); (2) DOJ lacks a system that can acc...