The South Carolina Budget and Control Board unanimously approved Wednesday morning a plan to get bids from ID theft protection companies to provide additional protection for state taxpayers. Consultants that have been studying the state's computer security also made recommendations on what's working, and what needs to be improved, to better protect your personal information that's in state computers.
The state wants ID theft protection companies to provide service for up to five years. If possible, the state wants to be able to automatically transfer those people who've already signed up for the free year of credit monitoring that the state is providing into the new service. The request for proposals will also ask if the companies can come up with a way that the state Department of Revenue can automatically enroll the taxpayers whose information was stolen, rather than requiring the taxpayers to sign up on their own.
Gov. Nikki Haley said after the meeting, "When the hacking first happened, the goal we had was how do we protect people quickly? We partnered with Experian to get us a year in. Now we're sitting back saying, now what do we have to do to keep people protected at the highest degree?"
She wants the new service in place before the current year of credit monitoring runs out.
Consultant group Deloitte and Touche told the board that the state does have some systems and safeguards in place that are working well. Those include the Division of State Information Technology monitoring state agencies' computers around the clock for signs of hacking, and the Department of Revenue requiring employees to use two-factor authentication to sign in to agency computers. Two-factor authentication requires employees to sign in with their name and password, but also a six-digit code that changes every 60 seconds.
However, the consultants said since the state's agencies all operate independently, there's no consistency, making it hard to have strong computer security. It's recommending a more centralized system under a new statewide Information Security Division. Those changes, along with improvements to the state's computer hardware and software and additional training for employees, would cost about $15 million the first year and about $7 million a year after that.
1336 Augusta West Parkway
Can't find something?
All content © Copyright 2000 - 2014 Media General Communications Holdings, LLC. A Media General Company.