EPA Claims Vastly Improved SecurityBy Matt Hines | Posted 2006-08-01 Email Print
Under a project headed by services giant CSC, the Environmental Protection Agency believes it has greatly improved its IT defenses and become compliant with the Federal Information Security Management Act.
Even with the renewed scrutiny being given to government IT systems in light of the recent laptop theft at the Department of Veterans Affairs, officials working with the Environmental Protection Agency say the organization has significantly improved its security operations.
Guided by a seven-year contract granted to services provider Computer Sciences Corp. in 2002, the EPA maintains that it has applied a systemic approach to maturing its security operations, resulting in the agency being one of only five federal organizations that received a top ranking in a recent security scorecard issued by the House Committee on Government Reform.
At the heart of the EPA's project has been an ongoing effort to come into compliance with the U.S. government's Federal Information Security Management Act, or FISMA, which requires executive agencies within the federal government to secure their IT systems. Passed by Congress in 2002, FISMA specifically demands that government organizations ensure that they have appropriate officials designated to oversee IT security and that those workers periodically review security controls for all information systems while enforcing user and device authentication.
Under its deal with CSC, the EPA has outsourced its entire IT security operation to the service provider's Raleigh, N.C., data center, including oversight of its WAN. The project directly handles security for 25,000 users in ten regions throughout the United States and also includes management by CSC of the EPA's data center, desktop management and call center operations, in addition to the security responsibilities.
Read the full story on eWEEK.com: EPA Claims Vastly Improved Security