Search FCW

Advanced Search
Subscribe Now!
Table of Contents
Sprint
Business
BPM
CXOs
Columns
Columnists
Defense
E-Government
Elections 2008
Enterprise Architecture
Funding
Homeland Security
Health IT
IPv6
LOB
Management
Procurement
Privacy
Policy
Program Management
State and Local
Security
Technology
Telework
Training and Certification
Workforce

More Topics
resourcecenter
Home
Letters to the Editor
Current Issue/Download
Print/Online Archives
Editorial Calendar
researchstore
resourcecenter
Communications for Continuity Operations

Oracle Resource Center
NEW - Data Center Virtualization
NEW - Air Force ELSG Contract Guide
NEW - Security Management
NEW - DOD and Security Guide
Networx Contract Guide
SEWP IV Contract Guide
Priority Report: Virtualization
NEW - CHESS formerly ASCP
New - SATCOM II

More >>



Latest News
ADVERTISEMENT




 

IG: IRS employees abusing e-mail privileges

By Matthew Weigelt
Published on August 10, 2006

Comment

Click here to comment on this article

Related story links

House chides IRS on failed fraud-detection system

IRS, Senate committee at odds over contract

IG report on email abuses

Newsletters

You might also be interested in these FCW newsletters:

Daily

To learn more, click here.

A recent audit found inappropriate e-mail, including pornography, on more than half of Internal Revenue Service employees’ computers, according to a report from the Treasury Inspector General For Tax Administration. The audit also uncovered security holes in many of the agency’s e-mail servers. The IG reviewed 96 IRS employees’ electronic mailboxes and found that 71 had messages violating the agency’s personal use policy, according to the July 31report. The inspectors found chain letters, jokes, offensive content and sexually explicit content. The report said 74 percent of employees have such prohibited e-mail messages on their computers. Such content is often used to lure people into opening e-mail messages that contain viruses and other malicious software. The risk of computer viruses had earlier prompted the IRS to issue a personal-use policy for e-mail. The agency also gave employees awareness training on the policy’s importance. “While these efforts established a good foundation for e-mail security, employees are not following the IRS’ personal e-mail use policy,” the IG’s report states. The IG recommended monitoring e-mail message content, which could lead to more employees being disciplined for abusing their privileges. Systems administrators should be held accountable for ensuring that only authorized computers are allowed to perform as e-mail servers, the report recommends. Moreover, the IRS’ chief information officer should make sure that technology employees follow existing procedures for installing security updates and patches on all e-mail servers. The IRS maintains 228 authorized e-mail servers. The IG’s office evaluated security on 28 servers and found 687 vulnerabilities. “People can exploit security vulnerabilities to shut down the servers and disrupt e-mail service or to use the servers to access or attack other computers in the network, which could disrupt other critical operations in the IRS,” the report states. The report also recommends that the IRS cut down on the number of e-mail servers. The audit found an additional 4,913 IP addresses linked to devices that had been configured to operate as unauthorized e-mail servers. Messages entering through such servers skirt the security screening that identifies malicious software.

upcoming event

Enterprise Architecture 2008 - Washington, DC
September 9 - September 10, 2008

Occupational Health & Safety Executive Summit - Arlington, VA
October 6 - October 7, 2008


 

head
fcw
issue
First Name State
Last Name Zip
Title Email
     

Home | About | Contact | Customer Help | Privacy Policy | Editorial Info | Advertise | Link policy / Reprints | Site Map


1105 Media, Inc.

© 1996-2008 1105 Media, Inc. All Rights Reserved.