State Auditor Nicole Galloway continued her campaign for stronger computer security policies in government with a report listing five of the most common mistakes her office has found.

The list was compiled based on audits of both state and local governments her office has issued this year.

"Despite the increasing awareness of threats to data security across all levels of government, my review found there are still some very basic security measures that have not been implemented," Galloway said.

1. Passwords: Passwords were shared among workers or did not have to regularly change their passwords
   
   
2. Access: Employees were given access to data that was not necessary to to perform their jobs
   
   
3. System locks: Access to computers were not locked for a period of time after repeated incorrect passwords were entered
   
   
4. Backups: Data were not backed regularly nor stored in an off-site locations
   
   
5. User restrictions: Protections did not exist to prevent inappropriate system changes by users nor tracking who made system changes

When the Democratic auditor was sworn in to replace the deceased Republican auditor, Tom Schweich, Galloway said cyber-security would be a major focus.

Since her appointment in April of this year, Galloway has announced special cyber-security audits of five school districts and issued an audit critical of the security of a database on students maintained by the state Education Department.