USPS: October is Cybersecurity Awareness Month
The Postal Service is marking its 10th year of observing Cybersecurity Awareness Month.
CISO
Postal Bulletin: Be Creative with your PINs and Passphrases
It’s been proven that password reuse is a leading cause of account compromise.
USPS OIG: After-Action Review of Unauthorized Access to USPS Employee Self-Service Portal
Background The U.S. Postal Service is the second largest employer in the United States with over 640,000 employees and $2.15 billion in bi-weekly salaries. To provide employees with convenient access to their payroll, benefits, and personnel data, the Postal Service uses the LiteBlue portal. This web-based portal contains several human resources (HR) applications, including PostalEASE, … Read more
USPS OIG Report: Legacy Systems at the U.S. Postal Service
Background The U.S. Postal Service performs a variety of operations, dependent on its vast information technology infrastructure. This infrastructure encompasses 761 systems that the Postal Service strives to maintain and secure from network attacks. In support of the Delivering for America plan, the Postal Service plans to invest in modernizing and enhancing cybersecurity technologies, but it is still … Read more
USPS updates security policies
July 22, 2021 The Postal Service has updated Handbook AS-805, Information Security, which details the organization’s security policies for technology assets and information resources. The updates include several new topics, including: The Executive Cyber Risk Committee, which evaluates and monitors cyber risk management activities and their alignment with the overall corporate risk profile; Contractual security … Read more
USPS OIG Report: Integrity of the Social Media Presence
Objective Our objective was to assess the U.S. Postal Service’s social media and digital channel security posture. We also assessed whether policies are in place to protect the integrity of the Postal Service’s official social media and digital channel presence. The Postal Service uses social media to promote its brand, products, and services and to … Read more
Postal Bulletin highlights Cybersecurity Awareness Month 2020
The United States Postal Service maintains one of the world’s largest information technology networks, which links nearly 1.2 million devices and 66,000 mail processing technology systems. Established in 2014, the Corporate Information Security Office (CISO) safeguards this network — the network that binds the nation together — with enterprise-wide cybersecurity technologies and solutions. This October, … Read more
USPS OIG Report: Controls Over Purchasing and Maintaining IT Equipment
Objective Our objective was to determine if controls for purchasing and maintaining information technology (IT) equipment, specifically printers, webcams, and [redacted] cameras, are effective in identifying, assessing, and mitigating vulnerabilities and related cybersecurity risks to the U.S. Postal Service’s IT infrastructure. The Postal Service purchases IT equipment, such as webcams and printers, through the eBuy … Read more