Treasury report: IRS email systems insecure

By
Follow google news

A new report released last week found that the majority of employees working for the Internal Revenue Service (IRS) abuse the agency's email service.

"While the IRS has conducted awareness presentations and distributed communications to encourage employees to comply with its personal use policy, it does not effectively monitor the email of its employees to ensure compliance with the policy," the report said.


Released by the Treasury Inspector General for Tax Administration, the report found that a whopping 74 percent of IRS employees had email in their inboxes that violated the IRS personal use policy for email. Some of the offending messages included chain letters, jokes and offensive and sexually explicit content.

Also included in the report were the results of a random sampling of 28 of the agency's 228 email servers. Inspectors found that these servers had more than 700 security vulnerabilities that could disrupt IRS operations. The majority of these were a result of poor patch management.

"The majority of the security vulnerabilities on the email servers cited above occurred because system administrators had not installed current security patches to the email servers," the report said.

In addition, the inspection of IRS email systems found thousands of IP-addressable devices serving as unofficial email servers—approximately 4,913 in all.

Inspectors warned that such flagrant disregard of agency policies combined with vulnerabilities in IRS email systems and an overabundance of ad-hoc servers put the entire IRS IT infrastructure at risk. According to the report, the Treasury Inspector General is working with IRS technical staff to fix these problems.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
emailinsecureirsreportsecuritysystemstreasury

Sponsored Whitepapers

Defend Your Network from the Next Generation of AI Threats
Defend Your Network from the Next Generation of AI Threats
Optus Enterprise Mobility
Optus Enterprise Mobility
Life After VMware: Scale Securely with mCloud by Micron21
Life After VMware: Scale Securely with mCloud by Micron21
Cut Cloud Costs Without Compromise: Discover mCloud by Micron21
Cut Cloud Costs Without Compromise: Discover mCloud by Micron21
What 4 wholesale distribution challenges aren’t going away anytime soon?
What 4 wholesale distribution challenges aren’t going away anytime soon?

Events

Most Read Articles

National photo licence recognition system set to go live in 2025

National photo licence recognition system set to go live in 2025
Hackers using F5 devices to target US gov networks

Hackers using F5 devices to target US gov networks
Qantas says customer data released by cyber criminals

Qantas says customer data released by cyber criminals
Austrade to replace its data centre core network

Austrade to replace its data centre core network
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?