Feds must nail down network server safety

As in the commercial world, vulnerability is a watchword in virtually every federal
program.

Vulnerability comes in different shapes and sizes and presents many levels of risk. It
increases as agencies move documents from paper to electronic formats, as they open more
external network access points and as they integrate a growing variety of communication
modes into their distributed systems.

Systems that process private data, such as those at the Social Security Administration
or IRS, are typically big, with multiple processors all backed up to safeguard against
failure. We don't worry too much about them.

But maybe we should. Transaction data doesn't go into and out of big systems the way it
used to, via punch cards or magnetic tape. Transactions are now routinely collected
remotely and transmitted to and among big systems through networks. Network traffic is
controlled by network servers. Therefore, merely backing up mainframes is no longer
adequate to ensure trust in large systems.

A new point of vulnerability, the network server, has crept into large systems. Agency
managers can have confidence that mainframe data is safe, but they would be mistaken to
assume transactions are getting to and from the mainframes safely. Network transactions
bring dangers of contamination from viruses, normal small-system failures, sabotage and
natural disasters.

Server security is not a sexy subject. It gets scant attention compared to the year
2000 crisis, but with efforts dedicated to identifying potential failures of
date-processing code, network server safety might get the attention it deserves.

Some agencies are using servers to transfer code to remote processing centers,
temporarily set up for the purpose of examining their systems' vulnerability to date code
errors. Such servers are only a temporary element of the 2000 solution.

But maybe they shouldn't be temporary. Why not keep the expanded configurations in
place as part of normal operations and back up the server traffic in the process? Few
agencies are taking this approach.

Agencies concerned with network backup are, at best, implementing only pieces of a
solution. Solutions consist of several components, including:

Backing up LANs should be mandatory. Too few organizations pay attention to the
vulnerability of those networks to the degree that they deal with data center
vulnerability.

Measuring the cost of a safer approach might be difficult, but so is measuring the
value of lost data when access to a system is lost. This is especially true now that
vulnerable client-server systems have become platforms for electronic commerce. Agencies
cannot move safely into electronic commerce if their networks are vulnerable.

At any time in the federal government, there may be 150 programs conducting some
acquisition activity via network servers. The number of sites connected by the servers can
run to thousands.

The functional requirements of the networks include data communications, secure command
and control processing, move-ment of cash, resource planning and tactical operations
involving multilevel security. An agency can't tolerate the failure of a network server in
any of these environments. In business, it would translate directly to lost revenue. It
should mean as much to government processing.

Discussing the issue with federal executives who recognize the potential disaster from
network server failure made two things clear. First, they are aware of the problem.
Second, federal leaders believe strongly that funding is inadequate to assure safe
networks, especially given the growing panic about the year 2000 situation.

A review of 169 active procurements for network servers revealed that fewer than
one-third are tackling the need to back up system resources. Only one Commerce Business
Daily announcement in the last year was about server backup on a LAN, and it merely
requested information on pricing.

This is not the level of concern one expects for such a critical vulnerability. More
than the $3.9 billion most recently estimated will be needed to assure that critical
government systems function after 2000. If systems benefit from this issue, then systems
budgets are where the money will come from.

If so, there won't be much money left for any more than maintaining basic processing.
Federal agencies identified in their 1997 information technology budgets only $9 billion
for their support service requirements. They won't earmark much more than that for 1999.

What can be done about LAN protection, apart from the piecemeal solutions already
identified?

Government managers should be anticipating threats to their LANs if they aren't
already. Each threat has a probability factor. Each data transaction--or groups of
them--has a business value that can be measured in dollars. That gives you the basic data
points for a risk assessment.

Make network security part of every procurement. Bidders should have the necessary
risk-cost information to build an appropriate solution, not merely one that deals with
processing requirements. All this needs an effective management approach.

As one senior IT manager accurately commented, "It's entirely a management
issue." But IT itself is only part of the solution.

Robert Deller is president of Market Access International Inc., an information
technology market research, sales and support company in Chevy Chase, Md. His e-mail
address is bdeller@markess.com.