Dot-govs Score Points for Protecting Privacy but Poor E-mail Authentication Remains An Issue

Federal websites score high in privacy protection but get dinged on poor e-mail authentication, according to a newly released report examining website security in both the government and the private sector. Almost half of dot-govs evaluated have failed to adopt adequate e-mail authentication technologies, in particular those that help stop phishing attempts and spam, according the seventh annual report from the Online Trust Alliance. The report scored websites from a wide variety of sectors based on three main categories: e-mail and domain authentication; infrastructure security; and domain, brand and consumer protection.

Although federal sites scored high in the privacy category, they lagged behind in domain, brand and consumer protection, according to the report. Their scores were about average in the category in which sites were evaluated based on their own security, as well as their server and infrastructure security. “We're seeing growth in many areas year to year, so it's a good step forward,” said Craig Spiezle, founder of the alliance and a study co-author. The report found that federal websites scored higher than any other sector in data protection, privacy and transparency, except for those entities specifically committed to safeguarding information.