DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Port Jefferson Union Free School District IT assets not adequately secured – audit

Posted on April 24, 2014 by Dissent

As it has done with other school districts, the NYS Comptroller’s Office has released its audit of Information Technology for the Port Jefferson Union Free School District. The audit covered the period July 1, 2012 — August 31, 2013.

Here’s a snippet from their report findings:

The Board and District officials need to improve controls over the District’s IT assets. The Board has not established a computer use policy for employees to define appropriate user behavior or procedures to ensure the security of the District’s IT system. The Treasurer has administrative rights to the District’s financial software that allow her to control and use all aspects of the financial software application, which creates the opportunity for the manipulation and concealment of transactions. Also, the District’s vendor master file is outdated with inactive vendors and duplicate names for the same vendors.

In addition, the District has no controls in place over remote access, such as user authorizations, policies or monitoring, and has not enabled the audit trail function for its network operating system. Therefore, the District cannot ensure accountability for unauthorized users, reconstruction of events, intrusion detection, and problem identification. Finally, physical security over the District’s server room is inadequate, and the District’s computer asset inventory record is incomplete and inaccurate. As a result, the District’s IT resources are subject to an increased risk of unauthorized access, manipulation, theft and loss.

You can read the full report and recommendations here (pdf). Because of the sensitive nature of the information involved, not all details were disclosed in the report, but a list of recommendations was included.

Related posts:

  • Audits of New York schools and the State Education Department reveal ongoing significant concerns
  • The President Ordered a Board to Probe a Massive Russian Cyberattack. It Never Did.
  • Kept in the Dark — Meet the Hired Guns Who Make Sure School Cyberattacks Stay Hidden
  • New York State School District Audits Released in June
Category: Commentaries and AnalysesEducation SectorU.S.

Post navigation

← 150 doctors target of tax fraud in NH, Vt., Shaheen says
Ca: Federal Privacy Commissioner’s Office loses backup drive with personal information →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit
  • British national “IntelBroker” charged with causing $25 million in damages; U.S. seeks his extradition from France
  • France issues press statement about arrest of ShinyHunters members
  • Patients Allege Home Delivery Pharmacy Failed to Timely Notify Them of Data Breach

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions
  • NY Attorney General James Affirms Hospitals Must Provide Access to Emergency Abortion Care
  • How Internet of Things devices affect your privacy – even when they’re not yours

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.