Computer Security:

DEA's Handling of Sensitive Drug Enforcement and National Security Information Is Inadequate

T-IMTEC-92-24: Published: Sep 30, 1992. Publicly Released: Sep 30, 1992.

Additional Materials:


Office of Public Affairs
(202) 512-4800

GAO discussed computer security at the Drug Enforcement Administration (DEA). GAO noted that: (1) DEA relies heavily on computerized systems to access sensitive information; (2) DEA computer security risks included failure to identify computers processing sensitive information, use of unapproved equipment to process sensitive information, and unusually lax physical security over areas in which classified data were being processed; (3) DEA does not have an effective security program and has not complied with the Computer Security Act's requirements; (4) DEA employees did not enforce effective password security; (5) DEA allowed uncleared personnel access to sensitive areas; (6) DEA and the Department of Justice are taking action to identify and reduce computer security risks, but need to do more; and (7) Justice is taking a more active role in enforcing DEA compliance with computer security requirements.

Oct 9, 2020

Sep 22, 2020

Sep 21, 2020

Sep 17, 2020

Sep 16, 2020

Aug 18, 2020

May 27, 2020

May 13, 2020

Apr 24, 2020

Apr 13, 2020

Looking for more? Browse all our products here