Census tests security BY Judi Hasson 03/27/2000

The Census Bureau has hired a company to try to break into its Internet site and brought in the super-secret National Security Agency to test Census security systems.

Census officials said they are certain the data is safe but want to make sure there are no vulnerable spots.

"Every day, people are scanning our ports. Its not just our site. Its any site, said J. Gary Doyle, who is responsible for systems integration at the Census Bureau.

Among the steps that the Census Bureau has taken to protect the decennial count:

* Hiring the technology firm Science Applications International Corp. to try to break into the Census Internet site, where respondents can file online. SAIC began working last week, and there have been no reports of successful entry into the site.

* Enlisting NSA to make sure the site is secure.

* Erecting firewalls to prevent penetration. Among the precautions: prohibiting e-mail from entering the site unless there is a specific address on it and barring outside computers from dialing up the census computer in the building.

* Encrypting all census data from the time it leaves a data scanning center via a secure telephone line until it arrives at the Census computer center in Bowie, Md.

* Making three copies of the data and storing it in different vaults.

* Providing backup systems at the Bowie computer center, including generators and air conditioners.

The Census Bureaus precautions have gotten high marks from security experts inside and outside government

"Census is using all of the proper security practices," said Richard Smith, vice president of federal operations at Internet Security Systems Inc. "I would guess the likelihood of someone getting in is small."

http://www.fcw.com/fcw/articles/2000/0327/web-1census-03-27-00.asp

-- Martin Thompson (mthom1927@aol.com), March 27, 2000