The Data Center of the Department of Administration provides support for many core functions of state government, including accounting and personnel systems.
The Auditor General’s Office says it found the Data Center lacks an adequate plan to recover from disasters and has not broadly assessed security threats since 2006.
Auditors also report finding active user accounts for dozens of terminated employees, including several with remote-access privileges and one with high-level administrative privileges. The report says that could result in risk of theft or misuse of confidential information.
A response by Administration Director Scott Smith agrees to the findings and promises to implement auditors’ recommendations for improvements.