If the Internal Revenue Service needed additional support for its announced push to improve its online security, it got just that from a recent audit. The Treasury Inspector General for Tax Administration (TIGTA) J. Russell George, has issued a report that echoes the agency’s plan to beef up its authentication system for online tools and services.
The Inspector General’s report says the IRS has indeed taken a number of steps to improve its online security, but found that additional improvements are still possible with other measures. In general, the report found that IRS systems at the time of the original 2015 attack on its Get Transcript application were not structured to handle audit logs containing large amounts of data. So trends were likely to go unnoticed because the logs weren’t adequately monitored.
One user during the 2015 event attempted to authenticate and access the Get Transcript application 902 times in one 24-hour period – far outside the usual activity level. But the attempts went unnoticed because the IRS audit tools weren’t adequately programmed.
TIGTA’s report recommended seven steps that will basically improve system capabilities to detect trends and analyze patterns, while improving training of technical staff to handle large data logs.
The IRS agreed with all the findings in the report and the Inspector General’s office says the IRS has already implemented four of the seven recommendations.