By SANDRA CHEREB
LAS VEGAS REVIEW-JOURNAL
CARSON CITY — Auditors delayed release of a report detailing security vulnerabilities in state databases to protect the information of tens of thousands of current and former state employees and their beneficiaries, a legislative committee was told Tuesday.
Douglas Peterson, information systems audit supervisor, told the Legislative Audit Subcommittee it was the first time he can recall in 20 years with the state that a decision was made to withhold an audit until problems are fixed.
The audit of the Department of Administration’s Human Resource Management division revealed sensitive personal records were stored unencrypted in databases and the accounts of some former employees were not disabled, potentially allowing unauthorized access to information.
Also, computers used by division staff and some servers lacked adequate virus protection and were missing operating system security upgrades. Hard drives of photocopiers also were not being routinely erased, the audit found.
Patrick Cates, Department of Administration director, said there was no breach of sensitive information and that steps have been taken to close the security gaps.
Read more at:
http://www.reviewjournal.com/news/nevada-legislature/state-agency-audit-withheld-protect-sensitive-data-after-security-lapses
