OMB Shuts The Security Door After The Horse Is Long Gone

Not only is the horse gone, it started a family and is now heading towards retirement. In a rather astonishing directive following the successful hack attack on the Office of Personnel Management, the Office of Management and Budget has ordered federal system admins to *gasp* install patches in a timely manner, among other security 101 steps.

According to the Register, the steps include:
  1. Install software patches for critical vulnerabilities "without delay."
  2. Use antivirus and check log files for "indicators" of malware infection or intrusion.
  3. Start using two-factor authentication.
  4. Slash the number of people with administrator-level access and limit what they can do and for how long per-login-session, and "ensure that privileged user activities are logged and that such logs are reviewed regularly."
Pardon me, but wtf have they been doing up to now??? Our tax dollars at work, indeed.


No comments:

Post a Comment