By Andrew Soergel
Only 4 percent of state government websites in the U.S. passed a pair of information security tests, according to a new report that suggests state-supported websites can improve when it comes to protecting consumer data.
A report published on Monday by the Information Technology and Innovation Foundation analyzed hundreds of state webpages, including sites dedicated to business registration, the procurement of fishing and hunting licenses and traffic citation databases. It found that the vast majority of state websites failed to pass two information security tests – related to the use of Hypertext Transfer Protocol Secure (HTTPS) and Domain Name System Security (DNSSEC).
"It is vital that citizens be able to securely interact with state government websites. Insecure websites put the sensitive data and browsing history of individuals at risk," the report said, noting that 53 percent of all state websites analyzed in the report passed at least one test but "fewer than 4 percent" passed both.
Individual Kentucky state websites passed both tests with greater consistency than any other state. The Bluegrass State's business registration, driver's license, election, fishing and hunting license, tax and traffic citation sites were all found to be up to snuff, though a handful of other pages – including its vital information hub and primary state website – were found to have vulnerabilities.
