IRS Doesn't Check Cyberaudit Logs

← Back to Stories (view on slashdot.org)

IRS Doesn't Check Cyberaudit Logs

Posted by samzenpus on Thursday December 18, 2008 @12:57AM from the check-your-work-twice dept.

An anonymous reader writes "The US Internal Revenue Service's IT staff hasn't routinely checked its cybersecurity audit logs, according to a report released this week by the agency's inspector general's office. The report is not exactly flattering for the IRS. The report, with large chunks redacted, recommends the IRS allow independent review of audit logs and establish procedures to save audit logs. It also recommended that the IRS regularly test its Internet gateways for compliance with standard security configurations."

4 of 78 comments (clear)

Min score:

Reason:

Sort:

irs.portforward.com by martin_henry · 2008-12-18 01:08 · Score: 3, Insightful

[Comment Redacted]

--
www.purevolume.com/martyd
Why redacted? by fprintf · 2008-12-18 01:09 · Score: 4, Insightful

I cannot understand what needs to be so secret about anything in the IRS that any portion of a report would need to be redacted. I do understand that there might be investigations into white collar crime, but if the summary is correct and "large portions are redacted", what are they worried about us finding out? This is not the FBI or CIA here, it is the IRS, the US government agency charged with collecting taxes.
Once again I think we have a serious issue with power and openness in our government. It has gotten so way out of control it seems ridiculous!

--
This post brought to you by your friendly neighborhood MBA.
1. Re:Why redacted? by fprintf · 2008-12-18 01:16 · Score: 5, Insightful
  
  Never mind. I just figured it out... social security numbers and private information. Once again, that little problem of social security numbers raises its ugly head. If it was just used for social security taxes, and nothing else we'd be fine. But now it is used for all kinds of financial transactions any organization has to guard those 9 numbers better than Fort Knox guards its gold.
  
  --
  This post brought to you by your friendly neighborhood MBA.
Not just a problem for IRS by ACK!! · 2008-12-18 01:32 · Score: 3, Insightful

I would bet money a lot of government and I know for a fact a lot of private organizations do NOT audit their general security logs in a timely and in an effective fashion. Of course, its scarier when its the government considering the host of private info they have on us. But keep in mind how many credit card companies have been compromised and how much info they have on us. The problem is of course much bigger than one organization.

--
ACK /ak/ interj. 2. [from the comic strip "Bloom County"] An exclamation of surprised disgust, esp. i