Security News > 2010 > December > VA employees tap cloud apps on their own, posing security risk

http://www.nextgov.com/nextgov/ng_20101222_6852.php By Bob Brewin Nextgov 12/22/2010 Computer savvy Veterans Affairs Department employees have started to use Internet-based services and tools that the VA does not provide on its systems, presenting a security challenge, according to its chief information officer. It's also a clarion call for the department to adopt these applications, CIO Roger Baker said on Wednesday during a media call about VA's monthly data breach report to Congress. The November report revealed that employees in the Chicago VA hospital maintained a calendar on the Yahoo.com website that listed more than 1,000 patients. This schedule included patients' names, surgery dates, types of procedures and the last four digits of their Social Security numbers. An investigation revealed the facility's orthopedics department had used the Yahoo.com site since July 2007, according to the data breach report. The investigation determined that four orthopedic residents shared the same Yahoo.com account and password to access the data, and in past years a rotating series of residents had access to that account. [...] ___________________________________________________________ Tegatai Managed Colocation: Four Provider Blended Tier-1 Bandwidth, Fortinet Universal Threat Management, Natural Disaster Avoidance, Always-On Power Delivery Network, Cisco Switches, SAS 70 Type II Datacenter. Find peace of mind, Defend your Critical Infrastructure. http://www.tegataiphoenix.com/

News URL

http://www.nextgov.com/nextgov/ng_20101222_6852.php