Inspector General Tells NCUA to Beef Up Data Protection
The NCUA needs to do a more thorough review of how it protects the privacy of its computer users and data, according to a report by the agency’s Office of Inspector General.
The report, which was released on Nov. 14, said the focus of the review should be on how often the agency relies on Social Security numbers and other “personally identifiable information” as a means of access to its data.
The report also said the agency needed to make changes by improving the agency’s remote access controls; upgrading its continuous monitoring program; improving its security authorization packages; upgrading its contingency planning program; and improving its intrusion detection policies.
The agency agreed with the recommendations and said it was putting programs in place to address them.