Agencies' security plans take top priority now

Agencies' security plans take top priority now

Treasury's Don Hagerling is fast-tracking security.

FAA's Brown: Cybersecurity is a top priority.

Federal technology managers at some agencies, reacting to the terrorist events of Sept. 11, have put the pedal to the metal on information security.

The Federal Aviation Administration accelerated plans to field a round-the-clock computer emergency response team.

'Instead of going 24-7 in nine months, it is 24-7 now,' said Michael F. Brown, director of FAA's Office of Information Systems Security. He spoke last week at a breakfast meeting of the Bethesda, Md., chapter of the Armed Forces Communications and Electronics Association.

Brown said FAA will speed up the security research program it conducts in conjunction with the Massachusetts Institute of Technology.

One technology the cooperative effort is considering is so-called IP hopping, in which message traffic continually flips from one IP address to another to foil hackers. If the technology works, it would resemble the frequency-hopping capability of digital radio, Brown said.

Treasury Department chief technology officer Don Hagerling echoed the feelings of many federal managers when he said, 'Friday [Sept. 14] was our day to grieve. Today [Sept. 17] is our day of remembrance, when we get back to work, making our systems better, our country better, our lives better.'

Trusted OS

Hagerling, who took a two-hour leave of absence from Treasury to attend the breakfast so he could speak unofficially, said the department would rush to get the Microsoft Windows XP operating system installed soon after its imminent release.

Agencies should dispense with their fear of XP as a new operating system, he said.

'XP is not a new OS, it is a fix of Windows 2000 operational and security issues,' Hagerling said. But, he added, because XP is not a trusted OS, Treasury would continue using trusted versions of Sun Microsystems' Solaris for sensitive applications.

He said Treasury would speed up several security initiatives, including:

  • Replacing its virtual private networks, which use frame relay over asynchronous transfer mode, with switched, secure IP nets

  • Requiring tokens for user log-ons and, later, smart cards for biometric authentication

  • Moving Web sites to virtual machine hosts so hackers can't get to physical servers.

    Hagerling admonished agencies not to shrink in response to terrorist actions.

    'I don't want those SOBs to win,' he said of terrorists. 'The way they win is if we deny access and shut things down.'
  • Reader Comments

    Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

    Please type the letters/numbers you see above