0

Audit raises concerns over Darton's handling of sensitive documents

ALBANY, Ga. — Darton College officials say they are continuing to work to correct deficiencies identified in a 2011 audit that revealed that documents containing sensitive or confidential information were mishandled by school personnel.

The April 2011 audit was provided to the Herald through a request made through the Open Records Act.

In the report, officials with the Board of Regents for the University System of Georgia noted gaps in Darton policies related to document management, data transfers, network security and various other policies and procedures.

The report noted that Darton's networking infrastructure was lacking to the degree that a "hostile network user could potentially intercept information transmitted through the campus network and exploit content."

"These (transfer) sessions transmitted personal, medical, and credit card information to and from various applications, and were not in regulatory compliance," the report states.

The report also identified gaps in Darton's handling of confidential information.

"Handling of sensitive and confidential information and access rights administered by department business function owners, designated trustees, and stewards was not effective or systematic to safe-guard information and information systems introduced unnecessary risk for associated key business functions," the report states.

Specifically, the report notes, "Sensitive (or) confidential data was found in every polled group in inappropriate places. Personal, work, and sensitive (or) confidential data was not being properly segregated or secured; and email transmissions were identified as containing sensitive (or) confidential data," the report states.

Darton officials say that they have been working with the board of regents and others to address the issues and shore up the college's information grid.

"We have been working on the items that the Board of Regents' Internal Audit Division asked us to improve on in regard to our policies and risk management. We are making good progress. We have had to purchase some software and hardware items, and we have had to delay some of the hardware items because of the need for additional funding. Our goal is to have everything completed by June 30, 2012," Ronnie Henry, Darton's vice president of Business and Financial Services, wrote in an email to the Herald.

In their official response to the audit, Darton officials say that President Peter Sireno has formed a Document Review Consistency Committee to review and revise key Darton policies and procedures.

Comments

waltspecht 2 years, 7 months ago

After getting some strange virouses on the home computer, I quit going to Darton's site. The problem went away. Can't prove the two are related, though I remain suspecious. Plus weren't those Identity Thieves Darton Students several years ago. I think it's time to tighten up there Darton

0

woopwoopohyeah 2 years, 7 months ago

The correct spelling for your “virouses” is viruses. The correct spelling for your “suspecious” is suspicious. With your poor spelling, improper use of punctuation, and use of sentence fragments, maybe you should consider revisiting Darton’s site to enroll for an education? By the way, do you like apples?

0

woopwoopohyeah 2 years, 7 months ago

The correct spelling for your “virouses” is viruses. The correct spelling for your “suspecious” is suspicious. With your poor spelling, improper use of punctuation, and use of sentence fragments, maybe you should consider revisiting Darton’s site to enroll for an education? By the way, do you like apples?

1

Jacob 2 years, 7 months ago

"With your poor spelling, improper use of punctuation, and use of sentence fragments, maybe you should consider revisiting Darton’s site to enroll for an education?"

Maybe you should consider ending a sentence with a period instead of a question mark. Perhaps Darton has two openings.

0

KaosinAlbany 2 years, 7 months ago

I know someone who is very upset about this article and said that this story is not true. Tighten up!

0

coachjohnson42 2 years, 7 months ago

What???? not Darton???? Nooooooo......Not Darton????? Nooooooo

0

Jacob 2 years, 7 months ago

All 52 cards in your deck are still the same, huh coach? LOL

0

coachjohnson42 2 years, 7 months ago

Darton???? C'mon....your kidding me....NOOOOOO......could this be inappropriate behavior????? Darton College???? Noooooooo, I thought only the DCSS did bad stuff.....Where is Terry Lewis?

0

coachjohnson42 2 years, 7 months ago

Heeeeey Terry Lewis!!!! Did you read this about Darton??? I cant hear you!!! What did you say???? huh????? Heeeeey Terry!!!! We need you over here in this blog.......I know this is not about the DCSS cheating stuff, but this is better...this is juicy........This report is crucial man.....The report noted that Darton's networking infrastructure was lacking to the degree that a "hostile network user could potentially intercept information transmitted through the campus network and exploit content.".......Are you serious???? Nooooo, not good ole Darton......nooooo...say it aint so!!!!!

0

KaosinAlbany 2 years, 6 months ago

Coach, slow your roll. This was not an actual audit. It was merely a test before the audit to see what Darton needed to to do to tighten the rope so to speak. The Herald blew this wayyyyyy out of proportion.

0

coachjohnson42 2 years, 6 months ago

Hey.....I'm just reading the always factual,never exaggerated herald just like you dude.....

0

YDoICare 2 years, 6 months ago

Sadly this issue is not new to Darton. In past years some faculty and staff were victims of identity theft. In addition to anyone being able to access employee social security numbers in the various computer systems, many offices nonchalantly kept confidential records in public areas. Many faculty and staff left Darton and Albany because of this issue. Since nobody from the “inner clique” had their records compromised, nothing was done previously other than lip service. If anyone would review minutes from various committees and assemblies since 2000, Darton College officials have been aware of these issues for quite some time. You will also find numerous concerns about the security of the computer systems and how even Darton students could hack into the system from classrooms, and the electronic transmissions of confidential information via unencrypted pipelines. Fortunately, all of these matters can be fixed easily. Unfortunately, it took publicity to have these issues acknowledged with the intent of fixing the issues.

0

coachjohnson42 2 years, 6 months ago

This is a serious matter as some sensitive information could have been compromised. Including social security numbers, credit card numbers, etc....Darton needs to get its act together!!! This is a shame

0

coachjohnson42 2 years, 6 months ago

Shame, Shame, Shame!!! I think Terry Lewis should do a follow up story on this story. I bet if this was the DCSS showing such lack of security, he would be running down the Superintendent with his Alabama Crimson Tide cap turned backwards slobbering at the mouth.....

0

Sign in to comment