Auditors have flagged the state of Michigan for gaps that could increase the risk of its computer network being hacked.
An audit released Friday made 14 findings, including five that are "material" -- the most serious. The Office of the Auditor General says the Department of Technology, Management and Budget did not do enough to ensure that only authorized devices access the IT network and did not fully implement an effective process for managing updates to operating systems.
Auditors also say conducted an exercise in which nearly one-fifth of 5,000 state employee randomly sample clicked on a "phishing" email and entered their credentials.
A state spokesman says it has already begun to implement many of the auditors' recommendations, and the data in the state's network is "safe and secure."
Copyright 2018 Associated Press. All rights reserved.