Press articles also quote a Norwich University Professor saying the system had “limited security protection” and a design that hadn’t been used in “more than 10 years” – is that the case?
Prior to 2004, single purpose systems that interfaced with external entities like banks, were generally not built on the state’s more secure internal network (GOVNET) in order to protect the state’s internal databases. This particular single purpose system did have a firewall but it did not provide the necessary protections. Today with more advanced security measures we build these types of applications within our internal network, with enhanced security that prohibits these external parties from access to other state systems. As stated earlier, we have already taken steps and will continue with efforts to strengthen our information security practices on a number of levels, to ensure that such a compromise does not occur again in the future.
Related Questions
- You have stated that it was an automated attack but press articles quote the Forensics Report as saying "the server was under the control of a person." Why the discrepancy?
- Is the Logitech Digital Video Security system compatible with Microsofts Vista operating system?
- Where can I buy a Logitech Digital Video Security system?
