Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Fixing HealthCare.gov security

From: InfoSec News <alerts () infosecnews org>
Date: Thu, 18 Sep 2014 12:05:30 +0000 (UTC)
http://www.csoonline.com/article/2685234/data-protection/fixing-healthcare-gov-security.html

By Antone Gonsalves
CSO
Sep 17, 2014
While the security weaknesses found in HealthCare.gov by a U.S. government watchdog need to be addressed, they are not unusual for sites as complex as the federal insurance exchange, experts say.
In a report released Tuesday, the Government Accountability Office found problems in the "technical controls protecting the confidentiality, integrity and availability" of the federally facilitated marketplace (FFM), which is the area of the site to buy health insurance.
Specifically, the GAO faulted the site's operator for failing to require and enforce strong passwords, to adequately restrict access to the Internet by systems supporting the FFM, to consistently implement software patches, and to properly configure the administrative network for the FFM.
The Centers for Medicare & Medicaid Services (CMS), an agency of the Department of Health and Human Services (HHS), is responsible for HealthCare.gov. 

[...]



--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
Previous By Date Next
Previous By Thread Next

Current thread: