Menu

Topics

Connect

Comments

Want to discuss? Please read our Commenting Policy first.

Manitoba government could boost security for remote work, auditor general says

Manitoba's auditor general says the provincial government can improve information technology security measures to help employees work from home. JOH

Manitoba’s auditor general says the provincial government has introduced information technology security measures
to help employees work from home, but some improvements are needed.

Story continues below advertisement

Tyson Shtykalo examined information technology systems after government employees began to work remotely during the COVID-19 pandemic.

His 23-page report says the province uses encryption to protect data, but some settings need to be bolstered.

The report says there were cases where encryption was weak, and that could potentially allow a cyber-attacker to access sensitive or confidential data.

The auditor also says some security policies and procedures related to remote work have not been updated in about a decade.

Story continues below advertisement

The report estimates about 30 per cent of workers had not completed mandatory technology training on issues such as phishing and potential threats from flash drives.

“The training is crucial for educating employees about potential threats, safe practices and the importance of maintaining
security procedures,” Shtykalo wrote.

“Remote workers who have not undergone security training are more likely to fall victim to phishing emails and other social engineering tactics. This can result in compromised credentials, malware infections and data breaches.”

Overall, Shtykalo says he is encouraged that Manitoba has introduced security measures but feels there is room for
improvement.

The report makes three recommendations on better security and training. The government, in a written response, says it accepts all three.

Advertisement

You are viewing an Accelerated Mobile Webpage.

View Original Article