Computer Security:

DEA's Handling of Sensitive Drug Enforcement and National Security Information Is Inadequate

T-IMTEC-92-24: Published: Sep 30, 1992. Publicly Released: Sep 30, 1992.

Additional Materials:

Contact:

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

GAO discussed computer security at the Drug Enforcement Administration (DEA). GAO noted that: (1) DEA relies heavily on computerized systems to access sensitive information; (2) DEA computer security risks included failure to identify computers processing sensitive information, use of unapproved equipment to process sensitive information, and unusually lax physical security over areas in which classified data were being processed; (3) DEA does not have an effective security program and has not complied with the Computer Security Act's requirements; (4) DEA employees did not enforce effective password security; (5) DEA allowed uncleared personnel access to sensitive areas; (6) DEA and the Department of Justice are taking action to identify and reduce computer security risks, but need to do more; and (7) Justice is taking a more active role in enforcing DEA compliance with computer security requirements.

Nov 18, 2014

Nov 17, 2014

Sep 18, 2014

Sep 16, 2014

Sep 8, 2014

Jul 17, 2014

Jun 25, 2014

May 30, 2014

Apr 17, 2014

Apr 2, 2014

Looking for more? Browse all our products here