U.S. Citizenship and Immigration Services needs to improve its safeguards over laptop computers, the DHS inspector general has said.
After reviewing inventory information, performing onsite inspections, interviewing departmental staff and examining the operating systems and encryption software of a sample of laptops it concluded that controls did not sufficiently safeguard its laptops from loss or theft and do not protect the data on the laptops from disclosure.
Specifically, USCIS did not have an accurate and complete inventory of its laptops, nor were inventory data reported accurately and consistently in electronic databases, according to OIG-12-83.
Further, it said many laptops were not assigned to specific users and that the agency did not provide adequate physical security for its laptops.
Finally, not all of USCIS’s laptops were using the latest encryption software or operating systems and associated service packs, the IG said.
It called on the agency’s property custodians to enter laptop data consistently into its property management system as well as record laptops provided to contractors as government-furnished equipment.
It also recommended that USCIS ensure that it has installed the latest operating systems and encryption software on its laptops and to develop procedures to ensure that users’ laptops are connected to its network on a monthly basis so that software updates may be applied.
