OIG: Technical Testing Results for the Bureau's SQL Server Environment

If you are seeing this message, Javascript is disabled. Disclaimer for all external links found on this page: The Office of Inspector General (OIG) for the Board of Governors of the Federal Reserve System and the Consumer Financial Protection Bureau does not necessarily endorse the views expressed or the facts presented on the external sites. The OIG does not endorse any commercial products that may be advertised or on the external sites. The OIG's privacy policy does not apply on the external sites. Please check the site for its privacy notice.

Skip to Navigation

IN THIS SECTION

Skip SHARE THIS PAGE section Skip STAY CONNECTED section

CFPB Report: 2019-IT-C-007R May 22, 2019

During work for a previous audit report, we identified weaknesses in security controls for select Bureau SQL Server instances and databases. However, we did not include the specific details of these weaknesses in that public report because of the sensitive nature of the information.

We believe that these weaknesses—along with others previously reported—heighten the risk of a breach of sensitive data maintained in the Bureau's SQL Server environment. Therefore, we are issuing a memorandum with five new recommendations to further help the agency in its ongoing efforts to strengthen controls for its SQL Server instances and databases.

Given the sensitivity of our review, this memorandum is restricted.

HOTLINE

IN THIS SECTION

Technical Testing Results for the Bureau's SQL Server Environment

available formats

Summary:

LINKS TO THE BOARD AND THE CFPB

HOTLINE

IN THIS SECTION

SHARE THIS PAGE

STAY CONNECTED

Technical Testing Results for the Bureau's SQL Server Environment

available formats

Summary:

LINKS TO THE BOARD AND THE CFPB

RELATED SITES AND RESOURCES