The DOL inspector general documented a history of issues with access control, third-party oversight, and configuration management, saying that the Department of Labor had showed “significant deficiencies” in these areas over the previous five years.11 former employees allegedly used their old login credentials to access agency networks, and the department has a history of neglecting to remove access privileges for departing employees.The usage of personal identification verification cards was only introduced by the labor department “in response to the Office of Personnel Management breach,” the study states. In the most recent cybersecurity sprint, the department did not, however, achieve the following White House objectives for identity, credential, and access management: 65 percent of users with privileges and 68 percent
