• on Oct 25th, 2013 in OIG | 0 comments

    On July 26, 1775, all you needed to deliver the mail was a strong back and a fast horse. In 2013, the tools required to move 40 percent of the world’s mail sound more at home in science fiction. Robots, supercomputers, 23 petabytes of digital storage (that’s 24,117,248 Gigabytes), and one of the world’s largest computer networks help deliver letters and parcels across the globe. Like any organization of its size and profile, the Postal Service regularly sees malicious activity directed at its network. The Office of Inspector General's Computer Crimes Unit (CCU) works closely with the Postal Service's Corporate Information Security Office to investigate and prosecute threats to Postal Service networks and information resources.




    Information security is a shared responsibility and we need your help to keep the Postal Service network secure. So as we close out National Cyber Security Awareness Month, we share some simple steps that go a long way toward improving security:

    • Keep a clean computer – keep your anti-virus, operating system, and software programs updated. Many attacks exploit vulnerabilities in unpatched systems that could be prevented simply by keeping current with updates.
    • Be wary of emails and websites soliciting personal information or login credentials, even if they look real. Also be suspicious of unexpected emails, especially those with attachments.
    • Use strong passwords – good passwords use a mix of upper and lowercase letters, and numbers and symbols. Use different passwords for each of your accounts
    • For our customers, beware of bogus package delivery notification messages and Change of Address websites. Find out about these schemes and how to avoid becoming a victim on the Postal Inspection Service's (https://postalinspectors.uspis.gov/pressroom/schemealerts.aspx) page.
    • For Postal employees and contractors, please stay vigilant and report suspected security incidents or suspicious activity immediately to the Computer Incident Response Team at USPSCIRT[at]usps[dot]gov or call 866-USPS-CIRT (866-877-7247).

    For more information on how to stay safe online, visit http://www.staysafeonline.org/.

    We’re here to support our Postal Service customers around the clock and can be reached via the OIG main number at 703-248-2100. You can also report security incidents to us online via the OIG Hotline or at 888-USPS-OIG (888-877-7644).

    We welcome your input on information security. If you are a business, how do you educate your employees and customers about the importance of information security? Consumers and employees, are there ways the Postal Service could strengthen their systems? 

  • on Oct 18th, 2013 in Strategy & Public Policy | 1 comment

    Last month, the U.S. Postal Service awarded the contract for a pilot program for a cloud-based identity management system called the Federal Cloud Credential Exchange (FCCX). Using a closed communications network, or "digital pipelines", the Postal Service will deliver digital packets ("envelopes") of secure identity data between government agencies and private or public identity providers. The idea is that a person could use an identity from one of many providers, such as a financial institution or utility, to access different government websites, as long as the identity met a required level of security. This should be far more convenient than logging in to separate services with multiple identities and passwords.

    Government and identity provider participants in FCCX have not been finalized. But the Veterans Administration is on board, and other potential participants, such as the Internal Revenue Service, Department of Education, and Social Security Administration, have been working with the Postal Service on the requirements and standards for the pilot.

    Once the digital pipelines have been established, they can be applied to a number of processes that require secure communications. For example, the Internet of Things, the networked interconnection of everyday objects, may include high-risk communications, such as between medical monitors and medication dispensers, mobile payment sites and financial institutions, or electric meters and power companies. The Postal Service recognizes the potential value of playing an enabling role and has made a move to secure a position in the digital world. Nextgov.com reports that the Postal Service has recently filed for a number of digitally oriented trademarks to cover services in data encryption, secure communications, and electronic document management.

    What do you think? Can the Postal Service bring greater security and privacy to online communications and transactions?

  • on Sep 30th, 2013 in Products & Services | 6 comments

    This is the time of year when retailers, nonprofit organizations, and other mailers step up their holiday advertising mailing campaigns. Volume spikes in this period, known as the fall mailing season, which then gives way to the even-busier holiday mailing season, when personal correspondence and packages spike. The U.S. Postal Service makes most of its money for the year in the period between Labor Day and Christmas.

    Commercial mailers work closely with the Postal Service to help it prepare, but the fall mailing season has always presented operational challenges. In some ways, it is highly efficient because facilities are staffed for busy times. But postal equipment, including mail tubs, trays, mail transporting equipment, and pallets, have to be in the right places at the right times. In past years, commercial mailers have complained about shortages of mail equipment. Ideally, mail sorting equipment should run at optimal throughputs for maximum efficiency, and the online system mailers use to set up mail entry appointments should work seamlessly. Still, mail delays can occur for a variety of reasons, including mail processing errors, inefficient use of automation equipment, congestion on the facility floor, and working from incomplete operating plans.

    The Postal Service’s fall mailing season plan attempts to eliminate roadblocks to swift processing and delivery. This year, it has ordered extra mail transport equipment and looked at ways to shift volume from heavily used equipment to under-used processing equipment. The Postal Service is also relying on the increased visibility from the Intelligent Mail barcode as a diagnostic tool to uncover bottlenecks. These tools helped it reduce mail delays in fall 2012 by showing “pinch points” and helping managers act on that information to reduce mail cycle times.

    This year, however, could prove especially challenging as the Postal Service continues with its network consolidation implementation. It has completed more than 150 facility consolidations and has moved more than 700 pieces of equipment in support of the consolidations. With the late date of Thanksgiving this year, the end of fall mailing season pushes right into the peak mailing season for the holidays.

    Mailers, what have your experiences been like so far this fall mailing season? Are there noticeable improvements in mail equipment availability, mail delivery times, and appointment opportunities? Has network consolidation posed any unexpected challenges?

Pages