The U.S. Postal Service Office of Inspector General’s risk modeling identified the South Florida District as the _________ based on collected data showing malicious software programs on district computer systems. These security incidents can damage information system hardware and software and affect the integrity, confidentiality, and availability of data.
The South Florida District serves more than 14 million customers, delivers mail to more than 3.1. million homes, and generates annual revenue of about
$1.1 billion. Districts are responsible for adhering to. U.S. Postal Service policies for maintaining and securing their information systems. The (b)(3) 39 usc 410
Service Center is responsible or updating all South Florida District information systems, including installing security dates. Engineering personnel in ______ manage the applications supporting the mail processing environment in the district.
What the OIG Found
Security controls in the South Florida District did not adequately protect Postal Service data and infrastructure against potential corruption and unauthorized access. Of ___ Internet addresses that operated as servers, databases, and workstations at three mail processing plants, we found significant security control weaknesses on ___ of them. Administrators did not consistently install security updates (patches) and configure all operating systems and
databases as required by policy.
What the OIG Recommended
We recommended management implement vendor recommendations for patching and Postal Service configuration standards, correctly configure the _________ and ensure personnel with access to Postal Service resources receive annual security awareness training.
The following document was received under the USPS/IG FOIA Case 2017-IGFP-00029.