A report released by the Treasury Inspector General for Tax Administration (TIGTA) has determined that the Internal Revenue Service (IRS) needs to address the security of their virtual servers, according to an article published by Accounting Today.
The TIGTA report examined the organization’s virtual server technology and reviewed the overall security of their virtual environment. According to the article, this report discovered that the comprehensive policy developed by the IRS establishes “minimum security controls to prevent unauthorized access to IRS information systems hosted in its virtual environment.”
The article goes on to state that “security configuration settings on hosts were not in accordance with IRS policy”, according to the TIGTA report, even though the IRS has created a process to monitor their infrastructure. All of the virtual servers residing on that host are then vulnerable to attack and could be compromised, according to the article.