Connect with us
data center

Emails & Opinions

Audit slams security, other lapses at state tech agency

I hate to overstate the findings of any report, but my first thought while reading the latest audit of the Agency for State Technology was:

“Jeez, is this joint as potentially ‘leaky’ as I think it is?”

The report by Florida Auditor General Sherrill F. Norman’s office, which I got a copy of on Thursday, lays out a laundry list of security and other problems at the relatively new agency.

And the best defense that state Chief Information Officer Jason Allison, appointed by Gov. Rick Scott, can muster is to deflect blame and point fingers.

Among the many audit findings are that “access privileges for some AST users … did not restrict (them) to only those functions appropriate and necessary for assigned job duties or functions.”

Gee, no security problem there.

Also, some “accounts remained active when no longer needed and some … inappropriately allowed interactive logon, increasing the risk that the confidentiality, integrity, and availability of AST data and IT resources may be compromised.”

I’m no expert, but that sounds downright dangerous.  

The AST also failed to “review user access privileges for the mainframe, open systems environments, and the network domains,” kept an inaccurate “inventory of IT resources at the State Data Center,” and “State Data Center backup tape records were not up-to-date and some backup tapes could not be located and identified.”

The agency, created by the Legislature in 2014, was aimed at avoiding all the problems of its predecessor, the Agency for Enterprise Information Technology, effectively abolished in 2012.

Mission not accomplished.

Allison, in a weak-beer response included in the audit report, says he just inherited problems from the Northwood and Southwood Shared Resource Centers, which his agency took over.

“It is important to note that AST has combined two separate data centers into a new state agency with a single, cohesive team,” he said.

Yes, a team that apparently doesn’t know when to tell people to change their freaking passwords.

Written By

Peter Schorsch is the President of Extensive Enterprises and is the publisher of some of Florida’s most influential new media websites, including Florida Politics and Sunburn, the morning read of what’s hot in Florida politics. Schorsch is also the publisher of INFLUENCE Magazine. For several years, Peter's blog was ranked by the Washington Post as the best state-based blog in Florida. In addition to his publishing efforts, Peter is a political consultant to several of the state’s largest governmental affairs and public relations firms. Peter lives in St. Petersburg with his wife, Michelle, and their daughter, Ella.

Sign up for Sunburn

Receive our team's agenda-setting morning read of what's hot in Florida politics. Delivered straight to your inbox Monday through Friday.

Florida Politics is a statewide, new media platform covering campaigns, elections, government, policy, and lobbying in Florida. This platform and all of its content are owned by Extensive Enterprises Media.

Publisher: Peter Schorsch

Contributors & reporters: Phil Ammann, Renzo Downey, Rick Flagg, A.G. Gancarski, Joe Henderson, Janelle Irwin, Jacob Ogles, Scott Powers, Bob Sparks, Andrew Wilson.
Email: Peter@FloridaPolitics.com
Phone: (727) 642-3162
Address: 204 37th Avenue North #182
St. Petersburg, Florida 33704

Connect
Sign up for Sunburn

Receive our team's agenda-setting morning read of what's hot in Florida politics. Delivered straight to your inbox Monday through Friday.