The Office of Personnel Management has been collaborating with other federal agencies, Congress and industry to identify additional methods for OPM to strengthen protection of its systems and data.
OPM said it also developed a multi-phase strategy to secure legacy information technology applications as the agency’s infrastructure undergoes an upgrade.
“The plan provides a framework that is rooted in the use of human resources data throughout a lifecycle, allowing for reuse of that data in our HR systems to support agile HR policies,” said OPM Director Katherine Archuleta.
The agency says it implemented programs to deploy two-factor authentication tools, anti-malware software and firewalls as well as to limit remote access, centralize security management and accountability, establish a risk executive function and train entire workforce on cybersecurity.
OPM also enlisted the help of outside experts to determine cyber targets within the agency’s network and update existing security protocols.
These cybersecurity measures have helped the agency detect and stop further intrusion of sophisticated malicious threats into computers that store sensitive federal employee and citizen information, OPM noted.