Computer Security:

DEA's Handling of Sensitive Drug Enforcement and National Security Information Is Inadequate

T-IMTEC-92-24: Published: Sep 30, 1992. Publicly Released: Sep 30, 1992.

Additional Materials:


Office of Public Affairs
(202) 512-4800

GAO discussed computer security at the Drug Enforcement Administration (DEA). GAO noted that: (1) DEA relies heavily on computerized systems to access sensitive information; (2) DEA computer security risks included failure to identify computers processing sensitive information, use of unapproved equipment to process sensitive information, and unusually lax physical security over areas in which classified data were being processed; (3) DEA does not have an effective security program and has not complied with the Computer Security Act's requirements; (4) DEA employees did not enforce effective password security; (5) DEA allowed uncleared personnel access to sensitive areas; (6) DEA and the Department of Justice are taking action to identify and reduce computer security risks, but need to do more; and (7) Justice is taking a more active role in enforcing DEA compliance with computer security requirements.

Mar 28, 2017

Feb 14, 2017

Sep 29, 2016

Sep 20, 2016

Sep 15, 2016

Jun 29, 2016

Jun 21, 2016

Apr 28, 2016

Apr 14, 2016

Apr 12, 2016

Looking for more? Browse all our products here