Security News > 2010 > December > VA employees tap cloud apps on their own, posing security risk
http://www.nextgov.com/nextgov/ng_20101222_6852.php By Bob Brewin Nextgov 12/22/2010 Computer savvy Veterans Affairs Department employees have started to use Internet-based services and tools that the VA does not provide on its systems, presenting a security challenge, according to its chief information officer. It's also a clarion call for the department to adopt these applications, CIO Roger Baker said on Wednesday during a media call about VA's monthly data breach report to Congress. The November report revealed that employees in the Chicago VA hospital maintained a calendar on the Yahoo.com website that listed more than 1,000 patients. This schedule included patients' names, surgery dates, types of procedures and the last four digits of their Social Security numbers. An investigation revealed the facility's orthopedics department had used the Yahoo.com site since July 2007, according to the data breach report. The investigation determined that four orthopedic residents shared the same Yahoo.com account and password to access the data, and in past years a rotating series of residents had access to that account. [...] ___________________________________________________________ Tegatai Managed Colocation: Four Provider Blended Tier-1 Bandwidth, Fortinet Universal Threat Management, Natural Disaster Avoidance, Always-On Power Delivery Network, Cisco Switches, SAS 70 Type II Datacenter. Find peace of mind, Defend your Critical Infrastructure. http://www.tegataiphoenix.com/
News URL
http://www.nextgov.com/nextgov/ng_20101222_6852.php
Related news
- Whitepaper: Reach higher in your career with cloud security (source)
- Transforming cloud security with real-time visibility (source)
- Top 5 Cloud Security Automations for SecOps Teams (source)
- Microsoft lost some customers’ cloud security logs (source)
- Researchers Discover Severe Security Flaws in Major E2EE Cloud Storage Providers (source)
- Apple Opens PCC Source Code for Researchers to Identify Bugs in Cloud AI Security (source)
- How AI Is Changing the Cloud Security and Risk Equation (source)
- Strategies for CISOs navigating hybrid and multi-cloud security (source)
- Enhancing visibility for better security in multi-cloud and hybrid environments (source)