Defence has automated the removal of IT systems access for exiting employees and contractors amid an inquiry into IT governance within federal government.
Known as the ‘Defence Account Retirement Service (DARS)’, the capability automatically deactivates IT access upon cessation of employment or when an account isn’t compliant with the Information Security Manual (ISM).
The implementation comes after the Australian National Audit Office (ANAO) identified 1451 users “whose access to the Defence Network was not removed in accordance with requirements” between FY 2022 and 2023.
The audit formed part of the Inquiry into Commonwealth Financial Statements 2022-23, which found that “unauthorised user access to IT systems across the Commonwealth remains a problem as in previous years”.
In a statement to iTnews, Defence said it had deployed the capability to “assist in automatically remediating accounts that are non-compliant with Defence policies, such as the [ISM] and the Defence Security Principles Framework (DSPF).”
As well as cessation of employment, iTnews understands the solution also applies to workers who no longer have valid sponsorship and do not hold clearance or meet other requirements under the ISM and DSPF conditions.
The ANAO audit also alleged 2000 instances where former employees or contractors had logged into and accessed data from Defence systems.
However, the department’s submission to the inquiry said the “vast majority [of these instances] were false positives” where “an individual has finished one engagement and commenced another engagement within Defence”.
In its submission, Defence added that it had also implemented an “integrated solution to prevent and detect unauthorised access” and stronger governance controls over access to and usage of its IT systems.