Securing the 2000 Census

On a hilltop in Bowie, Md., overlooking the traffic flowing down Route 50, the Census Bureau's glass building that houses its central computer system nearly blends into the horizon.

On a hilltop in Bowie, Md., overlooking the traffic flowing down Route 50,

the Census Bureau's glass building that houses its central computer system

nearly blends into the horizon. Except for an eight-foot metal fence

built only the week before census forms were mailed out on March 13, it

looks like there is very little security. Don't be deceived.

Just as the 2000 census is the first fully automated head count of the

U.S. population, the bureau's data system is protected by the most highly

sophisticated technology ever used to secure a decennial count.

The computer center houses Digital Equipment Corp.'s GS 60 computers,

which edit the data; IBM Corp.'s RS/6000 computers, which house the data;

and Novell Corp.'s NetWare 4.11, the network operating system. The system

is driven by Lockheed Martin Corp.'s DCS 2000, the data capture system that

scans the data into systems at four regional centers and delivers it to

the computer center.

The statistics and individual data in the system are a treasure trove,

harvested by government agencies, companies and universities for research

and marketing that will affect trillions of dollars in government programs

and commerce each year. In short, the systems hold information that is a

hacker's dream.

Census Bureau officials said they believe they have taken every precaution

to secure their networks. The agency erected firewalls to protect the 2000

census data and does not allow e-mail to enter servers that handle census

information. The bureau also does not allow any outside computer to dial

up the census computer in the building.

To check how secure its networks are, the bureau called in the National

Security Agency to check out the security system and make sure it could

not be penetrated. Census also hired Science Applications International

Corp. (SAIC) to try to break into the Internet site where census respondents

are filing online.

"The initial penetration [attempt] will be from the external side, and

then from the internal side," said Tim Ruland, the chief census information

technology security officer. "I am very confident that the system is secure

as it can be and won't be compromised."

Census is well aware that hackers repeatedly try to break into its systems,

just as hackers attempt to crack other federal agencies.

The Justice Department reported that the number of hacking cases nearly

doubled last year, reaching 1,154, up from 547 in 1998. And the Defense

Department has said it has experienced tens of thousands of hacker attacks.

This month alone, the Army has reported nearly 4,000 attacks against its

systems. The Computer Emergency Response Team at Carnegie Mellon University

reports a 121 percent increase in computer intrusion incidents between 1998

and 1999.

Cyberattacks against the Census Bureau have failed so far. "We've been

looking for mischief, believe me," said J. Gary Doyle, who is responsible

for systems integration at the Census Bureau. "We haven't seen anything

yet."

What's at stake for the Census Bureau's automated head count goes well

beyond the agency. Because of the complexity and risk involved in automating

the 2000 census, with all of its private data, the effort is seen as a key

test case for digital government as a whole on how to keep intruders out,

said Doug Sabo, security expert at the Information Technology Association

of America.

"It is a big test," he said. "To some extent, government needs to get

its feet wet."

Protecting the Count

Well aware that the census asks delicate questions and that people are

worried about their privacy, Census Director Kenneth Prewitt has repeatedly

assured the public that no one — except the Census Bureau — has access to

the data.

"There is an absolute firewall between a statistical operation and enforcement,"

he said at a recent press conference. "No court of law, not even the president

of the United States, can find out your answer."

For many security experts, Census' security measures, especially hiring

an outside firm to hack its computers, is a good sign that the bureau is

taking security seriously.

Jack Brock, director of governmentwide and defense information systems

at the General Accounting Office, said it is not unusual for federal agencies

to test their own systems by bringing in outside firms to check them out

and by asking NSA to check their security capacities.

"The fact that Census is engaged in such tests is a positive sign,"

Brock said.

To make sure the information is protected, the data is encrypted from

the moment it leaves one of four data capture centers via a T-1 or T-3 line

to the moment it arrives at the computer center in Bowie, where the numbers

are crunched and massaged. Encrypted again, it is sent on to Census headquarters

in Suitland, Md., where the numbers are analyzed.

"If you saw it streaming down the line, you wouldn't know what it was,"

said Dominick L. Wisniewski, assistant division chief of operations at the

center in Bowie. "Unless you had the scheme, you can't get any useful information."

Faced with new technology and new problems, the Census Bureau has proceeded

cautiously through the web of change. For example, although the Internet

is increasing in popularity, Census opted to make it possible to file a

census form over the Internet but did not advertise the availability of

that method.

"This is a whole new technology," said the Census Bureau's Doyle. "We

know mail-out, mail-back does fine. We were very conservative and cautious

in how we dealt with public data, and we're always concerned about security.

We expect the next census will have more use of the Internet."

The system is on alert in other ways, too. If someone attempts to return

a questionnaire by mail and then file another one online, the computer will

know it. If someone tries to file online more than once, it will know that,

too, and discount the information.

"We have a way of unduplicating," Doyle said.

Such plans have paid off. Private security experts give Census high

grades for the steps taken to protect the system.

Howard Schmidt, Microsoft Corp.'s chief information security officer,

said it appears that Census is doing everything right by hiring their own

trusted source to try to break their system. And their other security efforts

have worked, too.

"It sounds pretty robust," he said. "It takes constant vigilance."

Congressional oversight committees are watching carefully to make sure

there are no security problems with the head count. Chip Walker, spokesman

for the House Government Reform Census Subcommittee, said Census officials

have assured Congress that the system is secure. So far, nothing remiss

has been reported.

But others warn that Census officials should not be too confident their

data is safe. "Anyone who says all data is secure is fooling themselves,"

said Rick Lane, director of e-commerce and Internet technology at the U.S.

Chamber of Commerce. "There is no such thing as a fully secure system."

Security Isn't Just "Cyber'

To make sure data is not lost, three copies of every tape are made.

One copy is trucked each week — in an escorted, but unarmed, convoy — to

Census headquarters in Suitland and placed in a vault for safekeeping.

Two other copies are kept in a tape vault at the center, which was built

with a fail-safe equipment system.

There are two air-conditioning systems, in case one fails. The air is

kept at a cool 68 degrees at all times to protect the computers. Eight generators

provide emergency backup power, in the event of a blackout.

"When we back up a system, we back up a system," said a top systems

official at the computer center.

In the event of fire, the floors at the computer center have been built

four feet above the subfloor so water can drain and not ruin the computer

hardware.

Eighteen cameras are mounted around the building, and guards watch for

problems or unusual activity 24 hours a day via indoor monitors.

There is a sophisticated smoke detector system as well as closed-circuit

TV and a badge access system to get a visitor past the front door. If you

are not supposed to be there, you won't be.

Keeping Constant Watch

The components of a successful operation, experts say, include properly

training employees to handle the data.

"One of the key things we do is employee training, because...really

the easiest way to lose data is someone being careless with the data," said

George Alfs, spokesman for Intel Corp., the California-based high-tech company.

Census has gone a step farther in hiring both temporary and permanent

employees. Every worker must undergo a background and fingerprint check

before they are hired.

The second important procedure is to close down the pipeline between

the source of the information and destination. By using encryption techniques

and providing dedicated telephone lines, Census appears to have done that,

according to security experts.

And the third is to make sure hardware systems, such as processors and

other key pieces of equipment, are secure.

"Census is using all of the proper security practices," said Richard

Smith, vice president of federal operations at Internet Security Systems.

"I would guess the likelihood of someone getting in is small."

But the challenge of protecting the system is always there.

"Every day, people are scanning our ports. It's not just our site. It's

any site," Doyle said. "The most persistent ones are the ones we watch.

NEXT STORY: AMS hooks up with govWorks

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.