We recommend that EEOC review and remediate the informational vulnerabilities identified during external penetration testing by: (1) Ensuring that passwords meet complexity requirements. (2) Requiring 2-Factor Authentication mechanisms for all externally accessible systems. (3) Recommending that employees not use their work email addresses for personal accounts. (4) Recommending that employees avoid using previously breached passwords.
Organization
Report Number
2021-004-AOIG
Report Type
Fiscal Year
2022
Open/Closed
On
Cost
$0
Associated Report