OIG points to key vulnerabilities in EPA information security

March 17, 2023
EPA’s Office of the Inspector General (OIG) is highlighting key vulnerabilities in the agency’s Microsoft Office 365 (O365) system, citing concerns that EPA IT specialists with “superuser” level access in the system can access OIG employee accounts and that little network segmentation exists between the EPA and the OIG. “The EPA’s O365 administrators can modify OIG account settings as well as access and view sensitive data within the O365 environment without the knowledge or input of the OIG, including email...

Not a subscriber? Sign up for 30 days free access to exclusive environmental policy reporting.