DHS, July 2, 2024 "The Department of Homeland Security (DHS) Council on Combating Gender-Based Violence (CCGBV) has two announcements to share with you. Building on DHS’s commitment to improving...
CMS, July 5, 2024 "President Biden’s recent decision to extend parole-in-place to the undocumented spouses of US citizens who entered the country without inspection is a significant first...
DHS OIG, July 3, 2024 "U.S. Citizenship and Immigration Services (USCIS) did not adjudicate affirmative asylum applications in a timely manner to meet statutory timelines and to reduce its existing...
Miliyon Ethiopis, July 8, 2024 "I feel like I have been born again, after a U.S. immigration court made a remarkable ruling in my “statelessness” case in June . I hope that my case will...
Identical DHS and DOS media notes are here and here . Media coverage here , here , here , here , here and here . The intent is to curtail irregular migration through the Darién Gap . [I have...
DHS OIG, Sept. 7, 2022
"U.S. Citizenship and Immigration Services (USCIS) did not apply the information technology (IT) access controls needed to restrict unnecessary access to its systems, networks, and information. USCIS did not consistently manage or remove access for its personnel once they departed positions and did not have a process to adequately verify access after personnel transferred offices within USCIS. Also, USCIS did not take all necessary steps to ensure privileged user access was appropriate and did not adequately manage and monitor service account access. These deficiencies stemmed from insufficient internal controls and day-to-day oversight to ensure access controls are administered appropriately and effectively to prevent unauthorized access. Based on our testing, USCIS did not implement all the required security settings and updates for its IT systems and workstations to help reduce the impact if access control weaknesses are exploited. Although USCIS systems and workstations were generally compliant with required security standards, not all required settings and updates were implemented due to concerns that they may negatively impact system operations. Lastly, while USCIS appropriately relied on departmental guidance for access control policies and procedures, the guidance was outdated and did not include the latest Federal requirements. USCIS is taking steps to enhance its access control and system security processes to address these deficiencies. Until fully addressed, these deficiencies may limit the Department’s overall ability to reduce the risk of unauthorized access to its network, which may disrupt mission operations. Additionally, inadequate security settings on IT equipment may limit USCIS’ capability to overcome a major cybersecurity incident." (Emphasis added.)