Computer Security:

DEA's Handling of Sensitive Drug Enforcement and National Security Information Is Inadequate

T-IMTEC-92-24: Published: Sep 30, 1992. Publicly Released: Sep 30, 1992.

Additional Materials:

Contact:

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

GAO discussed computer security at the Drug Enforcement Administration (DEA). GAO noted that: (1) DEA relies heavily on computerized systems to access sensitive information; (2) DEA computer security risks included failure to identify computers processing sensitive information, use of unapproved equipment to process sensitive information, and unusually lax physical security over areas in which classified data were being processed; (3) DEA does not have an effective security program and has not complied with the Computer Security Act's requirements; (4) DEA employees did not enforce effective password security; (5) DEA allowed uncleared personnel access to sensitive areas; (6) DEA and the Department of Justice are taking action to identify and reduce computer security risks, but need to do more; and (7) Justice is taking a more active role in enforcing DEA compliance with computer security requirements.

Jul 2, 2015

Jun 24, 2015

Jun 2, 2015

Apr 22, 2015

Apr 9, 2015

Mar 19, 2015

Mar 2, 2015

Nov 18, 2014

Nov 17, 2014

Sep 18, 2014

Looking for more? Browse all our products here