A recent audit found that Department of Homeland Security employees are not encrypting data regularly when using unauthorized devices on the agency’s network, Nextgov reports.
Frank Deffer, DHS’ assistant inspector general for information technology audits, said in the report that growing dependence on commercial devices could lead to data becoming compromised.
Devices such as GPS units, e-readers, tablets and mobile phones can connect to the DHS network without authorization, the report said.
Auditors found that the Customs and Border Protection, Transportation Security Administration and Citizenship and Immigration Services do not consider USB drives a sensitive asset, according to the report.
At ICE, login and password information is not required and anyone can access information stored in Apple and Android devices, auditors found.
DHS has a pilot program in place for implementing Apple and Android devices, DHS Chief Information Officer Richard Spires said in a formal response.