Security News > 2010 > December > County upgrades computer security for audit report

http://www.dewitt-ee.com/articles/2010/12/15/news/doc4d08eed477f4f744440444.txt By Christina Verderosa Dewitt Era Enterprise December 15, 2010 Arkansas County has spent a great deal of time in the past year improving computer security and data back-up plans. This turned out to be worthwhile for a number of reasons, including that this is just what state auditors were looking for. In its regular meeting Tuesday, the Arkansas County Quorum Court approved the state audit report for 2009 and heard from elected officials about what they were doing to address the report’s findings. Several of the findings had to do with computer security issues. Arkansas County Judge Glenn “Sonny” Cox pointed out that most of the issues had already been addressed, but had to be reported since the report covered 2009. Both the Sheriff’s Department and the Circuit Clerk’s office received findings that there were insufficient safeguards on their password systems; specifically, employees were not prompted to change passwords periodically; they were not locked out after three unsuccessful log-ons, and passwords were not sufficiently complex. However, both Sheriff Allen Cheek and Circuit Clerk Sarah Merchant told justices that their offices have received new software that has corrected these problems. Cox said password security has been much discussed at meeting of county judges, since there is “a lot of mischief going on.” He emphasized that only one or maybe two people should have the master list of passwords. He also cautioned employees never to give their passwords to any of their co-workers. “Another employee could use your password to steal,” Cox warned. “You can say you didn’t do it, but the computer would say you did.” [...]

News URL

http://www.dewitt-ee.com/articles/2010/12/15/news/doc4d08eed477f4f744440444.txt