Victorian government agencies don’t know what servers they have: report
A Victorian Auditor-General’s report has found that every state agency could “do more to improve its server security.”
The report found that “no audited agency has a complete and accurate inventory of their servers” and that “all agencies have outdated operating systems and some servers that lack mature technical security controls. These gaps expose agencies to cyber threats and increase the risk of successful cyber attacks.”
The audit found that:
- Automated asset discovery tools are not set up to capture all servers
- Not all agencies reconcile server information
- All agencies have server information that is inaccurate or incomplete
It was also found that agencies’ technical security controls have low maturity based on industry benchmarks, and that all agencies have servers with operating systems that are no longer receiving mainstream support. It was also found that not all agencies proactively manage server vulnerabilities.
The Auditor-General has made two recommendations for all agencies to improve tracking of their servers and to strengthen the technical security controls applied to them. It has also been recommended that the Department of Government Services issues guidance on expectations for server security.
More deailed information can be found here.
NSW Government approves another 15 data centre projects
With new data centre projects progressing through the Investment Delivery Authority, the NSW...
Government announces Australian data centre expectations
The federal government has today set national expectations for data centres, a commitment...
Macquarie gets $200m investment from NRFC
Macquarie Technology Group is the recipient of the largest investment by the government's...
