February 22, 2008   SENATOR COLLINS REQUESTS TIMELINE FROM FEDERAL AGENCIES FOR STEPPING UP CYBER-SECURITY GAO report finds government agencies haven’t implemented protocols to protect Americans’ personal information   Washington, DC - In an effort to prevent Americans’ sensitive personal information from falling into the wrong hands, Senator Susan Collins, Ranking Member of the Senate Homeland Security Committee, and Senator Norm Coleman (R-MN) today sent a letter to all 24 federal agencies requesting a timeline of when they will meet the recommendations put in place by the Office of Management and Budget (OMB) for increased cyber-security. Following the Department of Veterans’ Affairs breach last year that put millions of veteran’s personal information at risk, OMB directed federal agencies to implement five security protocols. Collins and Coleman, Ranking Member of the Permanent Subcommittee on Investigations, requested the Government Accountability Office (GAO) to conduct a government-wide review of current cyber-security policies and practices. GAO’s report today revealed that most of the agencies examined have not employed all of OMB’s recommendations. "The federal government collects and stores large amounts of personal information that is a tempting target for identity thieves,” said Collins. “Agencies cannot act quickly enough to implement policies to help protect and secure this sensitive data.” Specifically, the OMB directed the agencies to carry out the following cyber-security protocols: • encrypt all data on mobile computers/devices that carry agency data; • allow remote access only with two-factor authentication, where one factor is provided by a device separate from the computer gaining access; • use a “time-out” function for remote access and mobile devices requiring user re-authentication after 30 minutes of inactivity; • log all computer-readable data extracts from databases holding sensitive information and verify that each extract including sensitive data has been erased within 90 days; and • use a NIST security checklist, included in the memo, that provides specific actions to be taken by agencies to protect private identifiable information that is either accessed remotely or physically transported outside an agency’s secured physical perimeter. ###   ###   Printable Version   « previous Press Release next Press Release »   1998 - 1999 - 2000 - 2001 - 2002 - 2003 - 2004 - 2005 - 2006 - 2007 February 2008 Press Releases   February 29 - SENATOR COLLINS WORKS TO ENSURE THAT MAINERS CAN STILL BOARD AIRPLANES WITH MAINE DRIVERS' LICENSES WHEN NEW REGULATIONS ARE IMPLEMENTED   February 27 - SENATE HOMELAND SECURITY COMMITTEE HOLDS HEARING TO EXAMINE GOVERNMENT’S RELIANCE ON PRIVATE SECURITYCONTRACTORS OVERSEAS   February 22 current Press Release   February 15 - SENATOR COLLINS’ STATEMENT ON DAVID WALKER’S DEPARTURE FROM GAO   February 15 - SENATOR COLLINS QUESTIONS DHS CHIEF ON TWIC CARD AVAILABILITY   February 14 - SENATOR COLLINS QUESTIONS DHS SECRETARY CHERTOFF ABOUT PROPOSED CUTS TO HOMELAND SECURITY GRANTS   February 13 - LEGISLATION NEEDED TO REQUIRE NATIONAL GUARD AND RESERVES TO STEP UP CIVIL SUPPORT DURING DOMESTIC CATASTROPHES   February 7 - SENATOR COLLINS WORKS TO PROVIDE ADDITIONIONAL RESOURCES FOR AMERICA’S FIREFIGHTERS
Committee on Homeland Security and Governmental Affairs 340 Dirksen Senate Office Building Washington, D.C. 20510