Report outlines path to secure e-government
The federal government can no longer afford to have security be an afterthought in e-government operations, federal information technology experts said Friday, upon the release of a new report from the CIO Council.
The report, "Securing Electronic Government," focuses on security issues raised by Web-based information services, procurement systems and online financial transactions.
"Government organizations are beginning to recognize the importance of including security considerations in up-front planning for Web-based information services," the report said.
The report gives agencies tools to gauge how much security they require and how to develop a security program that meets their needs.
"The most important first step is to create a security plan," the report said. "The purpose of the plan is to analyze what can go wrong and to determine responses that reduce the likelihood and consequences to an acceptable level."
The report included three case studies highlighting the role of security in emerging e-government initiatives, the level of risk associated with the programs and the technical security measures agencies have taken.
The case studies are of NASA's Internet-based procurement system, the Energy Department's online job information and statistical data dissemination initiatives, and the Social Security Administration's attempts to ensure the online security of the Personal Earnings and Benefits Estimate Statements it issues.
The report concluded that security needs increase with the monetary value of a procurement and that the greatest risks to Web-based information services are denial of service attacks and malicious data changes.
Conducting financial transactions online raises other security considerations, said Sky Lesher, the Interior Department's deputy chief financial officer. Web sites featuring such transactions must be continually available and have controls in place that effectively protect the services from unauthorized access, he said.
"We can all see the incredible benefits of electronic government," said Harris Miller, president of the Information Technology Association of America. "But, of course, with the benefits come enormous challenges. One of these is protecting information."
RELATED STORIES
- Agencies get new guidance on computer security 12/12/00
- FAA urged to step up computer security efforts 12/07/00
- New group to help agencies measure computer security weaknesses 11/29/00
- Congress continues to hammer agencies
on computer security 10/24/00 - Horn to grade agencies' security practices 08/28/00
- White House, industry to push Congress on computer security 08/07/00
Post a Comment
To post a comment, you must provide a name and a valid e-mail address. Messages must be limited to 400 words. By using this Service you agree not to post material that is obscene, harassing, defamatory, or otherwise objectionable. Although Government Executive does not monitor comments posted to this site (and has no obligation to), it reserves the right to delete, edit, or move any material that it deems to be in violation of this rule.