IG: 18F continues to operate outside GSA security policies

Federal Times: Unapproved software, unofficial email accounts and a routine disregard for parent organization’s security policies and guidelines are among the findings in an Office of Inspector General report on the General Services Administration’s 18F digital services agency.

Evaluating 18F’s information systems environment following an assessment of agency business operations, the IG found widespread noncompliance and an internally crafted authorization process allowing for shadow IT. Aiding this “pre-authorization” process was the finding that the 18F director of infrastructure appointed himself as the 18F information systems security officer.

Read article