Information Security News mailing list archives
IRS offers security assurances
From: InfoSec News <isn () C4I ORG>
Date: Wed, 21 Mar 2001 03:08:55 -0600
http://www.fcw.com/fcw/articles/2001/0319/web-irs-03-20-01.asp BY Judi Hasson 03/20/2001 Despite a critical report revealing security gaps in the Internal Revenue Services electronic filing system, the IRS is confident that the problems have been fixed, and the system is being upgraded. A report from the General Accounting Office last week stated that government investigators were able to hack into the IRS computer system last year and access Social Security numbers and other sensitive information from electronically filed tax returns. But IRS Commissioner Charles Rossotti, in a letter to GAO, assured auditors that the tax agency has worked hard to fix the flaws in its e-filing system. Rossotti said that the IRS has increased its security program in the past 10 months and improved its infrastructure. The IRS also is working to create a better computer security incident reporting system and better detection of intrusions, he said. "To put it simply, taxpayers can feel safe and secure using e-filing during the 2001 filing season. We have strengthened our systems security, and we will remain vigilant to keep our e-filing process the safest possible," Rossotti said. GAO said its hackers were able to gain access because the IRS had not used adequate password management practices or encryption technology for online transactions. Although Rossotti said the IRS had no evidence that real break-ins had occurred, the GAO report said that the tax agency did not have the right system in place to detect intrusions. "The road to a secure e-filing system still has a lot of potholes in it," said Pete Sepp, spokesman for the National Taxpayers Union, a watchdog group. "One of the reasons why e-tailers have had trouble attracting customers is the fear of security. That translates doubly so to tax filing. If you are concerned about turning over your credit card number, imagine the fear over sensitive tax data being compromised," he said. ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- IRS offers security assurances InfoSec News (Mar 21)