		Information security: Department of Health and Human Services needs to fully implement its program: report to the Chairman United States. Government Paperback. Books LLC, Reference Series 2011-10-03. ISBN 9781234396886
		Buy from Amazon.com

Publisher description

Original publisher: [Washington, D.C.] : U.S. Govt. Accountability Office, [2006] OCLC Number: (OCoLC)86251177 Subject: Computer security -- Government policy -- United States. Excerpt: ... restrict physical access to computer resources, usually by limiting access to the buildings and rooms in which the resources are housed and by periodically reviewing the access granted, in order to ensure that access continues to be appropriate. HHS policy requires that physical access to rooms, work areas and spaces, and facilities containing departmental systems, networks, and data be limited to authorized personnel; controls be in place for deterring, detecting, monitoring, restricting, and regulating access to sensitive areas at all times; and controls be commensurate with the level of risk and sufficient to safeguard these resources against possible loss, theft, destruction, accidental damage, hazardous conditions, fire, malicious actions, and natural disasters. Our analysis showed that HHS did not effectively implement physical controls as the following examples illustrate: * One CMS Medicare contractor used a privately owned vehicle and an unlocked container to transport approximately 25, 000 Medicare check payments over a 1-year period. * Four hundred forty individuals were granted unrestricted access to an entire data center, including a sensitive area within the data center - although their jobs functions did not require them to have such access. * Surveillance cameras used for monitoring a facility were not functioning, leading to blind spots in the data center's perimeter security. * Three individuals with access to an operating division's data center did not have management approval for such access. These weaknesses in physical security increase the risk that unauthorized individuals could gain access to sensitive computing resources and data and inadvertently or deliberately misuse or destroy them. 5 According to Office of Management and Budget ( OMB ) Circular

More books by United States. Government

The Register of John de Grandisson, Bishop of Exeter,
Paperback
2014
Health Resources and Services Administration. Many Underserved Areas Lack a Health Center Site
2013
Field Manual FM 3-34.5 MCRP 4-11B Environmental Considerations February 2010
Paperback
2012
Field Manual FM 3-31 MCWP 3-40.7 Joint Force Land Component Commander Handbook
Paperback
2012
Manual for Courts-Martial United States
Paperback
2024

Similar books

Rate the book

Write a review and share your opinion with others. Try to focus on the content of the book. Read our instructions for further information.

Information security: Department of Health and Human Services needs to fully implement its program: report to the Chairman

Book reviews » Information security: Department of Health and Human Services needs to fully implement its program: report to the Chairman