Lawmakers Hear Audit Results Questioning State Computer Security

By  | 

TOPEKA, Kan. (WIBW) - An audit released Thursday raised concerns about just how secure State agencies' computer systems are.

The Legislative Post Audit division studied nine agencies in exploring the question whether state agencies had adequate IT security controls to protect confidential information.

The audit found most agencies had weak controls for ensuring staff had strong passwords and, in fact, auditors were able to crack a "significant number" of passwords in several agencies.

The audit also cited a lack of attention to patching software vulnerabilities and a lack of staff training on computer security issues. When it came to controlling equipment, the audit found four of the nine agencies studied were missing or had lost track of computers.

Agencies included in the audit were the Board of Indigents Defense
Services, Department of Commerce, Department of Corrections, Department of Education, Department of Labor, Department of Revenue, Department of Wildlife, Parks, and Tourism, Juvenile Justice Authority and State Treasurer’s Office.

Read the full audit results at the Legislative Post Audit division's website.