U.S. federal data security vulnerabilities
Data security vulnerabilities that exist within U.S. Federal agencies due to employees’ use of unsecure methods to exchange information, such as FTP – despite the Secure File Sharing Act, which the U.S. House of Representatives passed on March 24, 2010 to prevent government employees from using peer-to-peer file-sharing software, including FTP. This is one of the results of a survey by MeriTalk and Axway.
According to the Federal File Transfer Report, Federal employees are exposing data to cyber criminals. Though 71 percent of Federal IT and information security professionals are concerned with Federal file transfer security, 54 percent admit they do not currently monitor for FTP use within their agencies.
Federal employees admit to using unsafe methods to transfer files, specifically citing the following:
- 66 percent use physical media (e.g., tapes, CDs, DVDs, USB drives, etc.)
- 60 percent use FTP
- 52 percent e-mail work files through personal e-mail accounts (e.g., Gmail, Yahoo, etc.)
The Federal File Transfer Report shows that agencies must secure top management support and educate employees to lock down Federal data.
Federal employees at agencies with management that understands the impact of threats are more than twice as likely to follow these policies (53 percent to 12 percent); and currently, just 58 percent of those surveyed are aware of agency file transfer policies.