by Mike Masnick

Filed Under:
computers, state department

State Department Spent $1.2 Billion On An Asset Monitoring System... That Ignores All Non-Windows Equipment

from the julian-assange-agrees dept

We just wrote about a GAO report showing how the Defense Department is somewhat incompetent at dealing with online threats. Of course, it's not clear that anyone else in the government is any better. The GAO is back with yet another report, dinging the State Department for its dreadful computer security monitoring program. In this case, it's talking about threats to the State Department's network, rather than to third parties. And while the State Department spent a whopping $1.2 billion of taxpayer money on a fancy computer system, called iPost, to monitor everything, it turns out that it only works on Windows machines:
But the iPost service only covers computers that use Microsoft's Windows operating system, not other assets such as the roughly 5,000 routers and switches along State's network, non-Windows operating systems, firewalls, mainframes, databases and intrusion detection devices, GAO auditors said.
I mean, this is the kind of stuff that makes you shake your head in disbelief. Somewhere in the process of building a $1.2 billion system, no one thought to point out that there are more computer assets than those that run Microsoft Windows? Really? Someone seriously deserves to be fired.

Also, for the Windows computers where you can install it, it appears that the system barely works.
For instance, iPost tools did not always scan computers when scheduled, or they created false positives that had to be analyzed and explained. One scanner vendor failed to update its technology to detect the latest, most common vulnerabilities. And tools manufactured by different suppliers produced disparate scores that staff then had to interpret and modify.
Apparently, all of this is leading to confusion where people don't even know who's responsible for what.

So can someone explain why the federal government is coming down so hard on Bradley Manning, rather than taking some of that energy and focusing on securing the State Department's computers? Honestly, from the sound of things, you have to imagine that lots of people (including tons of foreign spies) long ago broke into State Department computers and had access to all of this info, based on reports like this. If anything, it makes you wonder if the Wikileaks leak may help get the State Department to better secure things.

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    Concerned Citizen, 12 Aug 2011 @ 3:41pm

    Correction to article

    Correcting a detail you mention that is not accurate. If you look at the GAO report (link below) bottom of page 6 and top of page 7 you will clearly see that the 1.2B you refer to is the the entire IT Budget not the cost for an "Asset Monitoring System".
    Apparently NIST.GOV did not feel the same way as GAO about this system:

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: Techdirt Logo Gear
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.