Well, before you do your taxes maybe you should be aware how readily accessible your data is. The Government Accountability Office has called out the IRS for some pretty big security issues.
Fixing 49 of 115 big issues is pretty decent admittedly but when user IDs and passwords are “readily” available to any user on their network I think you need to reprioritize what you have fixed that was more important than that.
I don’t know if I am more offended by the lack of a good password policy or that the data isn’t always encrypted. “For example, the IRS still does not always enforce strong password management rules for identifying and authenticating users of its systems, nor does it encrypt certain types of sensitive data, the GAO said.”
There has to be a better and faster way to get people to think about security because it is obvious that what we are doing isn’t working.
