A new report provides scathing performance numbers for U.S. government web sites just days after Wikileaks released a leaked treasure trove of CIA documents.

Some 92 percent of most popular U.S. government web sites fail to meet standards for security, speed, mobile, or accessibility, according to a new report from the Information Technology & Innovation Foundation, a non-artisan think tank based in Washington, D.C.

In fact, many federal sites don’t meet the government’s own requirements, “let alone industry best practices,” the report says.

“One of the most important ways that the U.S. government provides Americans access to government services and information is through more than 6,000 websites on more than 400 domains. Unfortunately, many of these websites are not fast, mobile friendly, secure, or accessible,” ITIF reports.

ITIF reviewed nearly 300 of the most popular federal websites. Some highlights:

Security:

  • 33 percent of the reviewed websites failed the test for Secure Sockets Layer (SSL) certificates, which underpin most Hypertext Transfer Protocol Secure (HTTPS) connections—a common standard for encrypted Internet communications that all executive-branch websites are required to use.
  • Of surveyed websites, 14 percent lacked SSL certificates (and therefore did not have HTTPS), and an additional 19 percent had SSL, but failed the test due to poor implementation.
  • Websites that failed the test for SSL certificates include the Department of Defense (defense.gov), the International Trade Administration (trade.gov), and the United States Courts (uscourts.gov).
  • 10 percent of federal websites failed to enable Domain Name System Security (DNSSEC)—a set of protocols that add security to domain name system lookup and exchange processes. Executive-branch domains are also required to enable DNSSEC.
  • Websites that failed the DNSSEC test include the House of Representatives (house.gov), the Speaker of the House of Representatives (speaker.gov), and the U.S. Forest Service (fs.fed.us).
  • Overall, 61 percent of websites passed both the SSL and DNSSEC tests.

Speed:

  • While 22 percent of websites failed the speed test for desktops, 64 percent failed the speed test for mobile devices.
  • Websites that failed both mobile and desktop speed tests include the General Services Administration (gsa.gov), the Federal Trade Commission’s IdentityTheft.gov, and the National Cancer Institute (cancer.gov).

Accessibility:

  • 42 percent of the reviewed websites failed the accessibility test for users with disabilities.
  • Websites that failed the accessibility test include the International Trade Administration (trade.gov) and the Internal Revenue Service (irs.gov).

Read the report at:

https://itif.org/publications/2017/03/08/benchmarking-us-government-websites