IAITAM: CONGRESS SHOULD RESCIND IRS CONTRACT WITH EQUIFAX UNTIL FIRM CAN DEMONSTRATE ITS “CHRONIC DATA BREACH PROBLEM IS OVER”
“Zero Confidence”: Group Says No-Bid $7.1 Million Contract With Credit Agency After Multiple Breaches Is “An Inexcusable Lapse”; “The Prospect of This Happening Should Horrify Any Elected Official”
CANTON, OHIO – October 12, 2017 — Dr. Barbara Rembiesa, president and CEO of the International Association of IT Asset Managers (IAITAM) today called on Congress to intervene in and rescind a no-bid $7.1 million contract recently awarded by the IRS to Equifax, which recently admitted to compromising the privacy of 145 million Americans.
Within days of the latest Equifax data breach coming to light, the IRS awarded the company the “critical” service contract for taxpayer and personal identity verification services. On October 4th, IAITAM’s Dr. Rembiesa said that a former Equifax CEO testifying before Congress was misleading lawmakers and the public about the latest breach by “scapegoating” one former employee for what was actually a failure of the company’s management.
Today, Dr. Rembiesa said: “On the very day that Equifax’s former chief executive misled Congress by scapegoating a single employee for their second major data breach in four years, the IRS announced that it was awarding the company with a contract which will allow it to leak out even more personally identifiable information about taxpayers. Equifax should have fixed things after its first major breach in 2013. It did not. Now, with the new breach it is showing that it still does not get it by shifting the blame off management.”
“I have zero confidence that Equifax should be trusted to process information about U.S. taxpayers,” Rembiesa said. “The prospect of this happening should horrify any elected official who is charged with looking out for the welfare of American consumers. Congress needs to slam on the brakes here and kill this IRS contract.”
In her October 4th statement, Dr. Rembiesa said that Equifax failed as a company when it neglected to put standard Information Technology Asset Management (ITAM) systems and controls in place that could have prevented the breach.
In an earlier statement on September 8th, IAITAM said that the Equifax’s second major breach in four years was inexcusable and could have been avoided. The organization said Equifax should be judged now on a “two strikes and you’re out” policy, one that would make the IRS-granted contract an inexcusable lapse requiring Congressional intervention.
Dr. Rembiesa explained: “It is due diligence on the part of an IT Asset Manager and their ability to utilize discovery tools (the tools which pull software data from the organization’s environment) that ensure proper versions of software are installed on organizational assets. This originally became a responsibility of an IT Asset Manager because software publishers began to charge organizations based on the software licenses they were running and which versions of software were supported by the organization. The unintended, but beneficial consequence to this development, was that IT Asset Managers were becoming instrumental in safeguarding and securing an organization and their data. Simply stated, it is people who run organizations through tools, not tools that run organizations through people.”
Dr. Rembiesa concluded: “The excuse given that the breach was a ‘human error’ is another way of saying that the proper people were not in place to ensure the safety and security of the data, or the people now exposed. The human error was not having an IT Asset Manager.”
The International Association of Information Technology Asset Managers, Inc., is the professional association for individuals and organizations involved in any aspect of IT Asset Management, Software Asset Management (SAM), Hardware Asset Management, Mobile Asset Management, IT Asset Disposition and the lifecycle processes supporting IT Asset Management in organizations and industry across the globe. IAITAM certifications are the only IT Asset Management certifications that are recognized worldwide. For more information, visit www.iaitam.org, or the IAITAM mobile app on Google Play or the iTunes App Store.
Alex Frank, (703) 276-3264 or firstname.lastname@example.org.