The US Securities and Exchange Commission (SEC) has spent nearly $200,000 on investigating the errors made by their staff responsible for monitoring the markets and stock exchanges broadly.
A 43-page report following the probe found that employees of SEC misused the government resources to download music and failed to secure sensitive information in their computers making them vulnerable to harckers.
The staffers claimed have misused computers to download music, while failing to protect sensitive information that feared losing data after the laptops were taken to the hacker conference, the report revealed.
SEC Interim inspector general Jon Rymer was quoted by Reuters as saying, "While they were using unencrypted laptops themselves, they were recommending to the (exchanges and clearing agencies) that they encrypt their laptops."
SEC is responsible for certifying exchanges are abiding a series of voluntary principles called "Automation Review Policies," or ARPs that require exchanges to develop programs about computer audits, security and capacity.
SEC spokesman John Nester said that Rymer found that four staff members had used unencrypted laptop computers in violation of SEC policy.
"Although we found no evidence that data was compromised, the problem was fixed and the two staffers responsible for maintaining and configuring the equipment are no longer with the agency," Rymer said.
Qualys is the leading provider of on demand IT security risk and compliance solutions - delivered as a service. Qualys solutions enable...
Absolute® Software specialises in technology and services for the management and security of mobile computers and smartphones.