OMB Shuts The Security Door After The Horse Is Long Gone
Not only is the horse gone, it started a family and is now heading towards retirement. In a rather astonishing directive following the successful hack attack on the Office of Personnel Management, the Office of Management and Budget has ordered federal system admins to *gasp* install patches in a timely manner, among other security 101 steps.
According to the Register, the steps include:
- Install software patches for critical vulnerabilities "without delay."
- Use antivirus and check log files for "indicators" of malware infection or intrusion.
- Start using two-factor authentication.
- Slash the number of people with administrator-level access and limit what they can do and for how long per-login-session, and "ensure that privileged user activities are logged and that such logs are reviewed regularly."