NParks IT Security Lapses Sorely Undermine Singapore’s Smart Nation Push

Posted on Jul 19 2017 - 6:51pm by Redwire Singapore

redwire-singapore-nparks-lapses-2
All it takes is one weak link for the whole damn chain to snap.

In its push towards becoming a Smart Nation, Singapore has blocked civil servants from using the internet on official computers, fearing potential leaks from work e-mail and shared documents.

And then NParks comes along.

In its latest audit report on government agencies, the Auditor-General’s Office found lapses in NParks’ management of user accounts in its Human Resource,  Finance  and  Procurement  System that could expose the IT system to fraudulent or unauthorised transactions.

This had to do with lapses which include the inadequate  review  of  access rights, non-removal of access rights of accounts belonging to staff who had left NParks and non-suspension of accounts of staff who went on long no-pay leave.

redwire singapore nparks lapses

To its credit, NParks has actively sought to tighten its processes.

It informed the AGO that it had since completed a review of the 973 user accounts in April 2017 and removed 251 access rights relating to 101 accounts.

It also said that, moving forward, it would conduct an annual review of all user accounts in the IT system.

The AGO’s latest audit has exposed glaring lapses in transactions involving agencies such as the Health Ministry and the Economic Development Board.

And too, the Singapore Sports Council, which was caught with its pants down when 1396 sponsored electronic gadgets like smartwatches which were meant for offical use went missing and could not be accounted for.

 

Leave A Response