There are some things of which you just can’t get enough. Such is the case of data storage and maintaining cybersecurity standards. But at the Justice Department’s U.S. Attorney’s Office, where mounting evidence and other sensitive data from multiple technologies, and the need to keep them safe are paramount, the complexity of the challenge is daunting.
As sophisticated and leading edge as the agency might be with its platforms and its enterprise footprint, its struggled to keep up with the voluminous amounts of data.
“A good example of that would be the evolution of evidence from fairly static information to full-motion video and body camera data,” said Greg Hall, chief information security officer at the Executive Office for U.S. Attorneys.
Speaking on Federal Drive with Tom Temin, Hall said the datasets are becoming tremendously large, as is the importance of keeping them accessible to the right people and providing the security needed to protect the integrity of the data.
“The data we get from law enforcement and other organizations has to remain pristine from the time we get it until the time we exchange it with defense counsel and other stake holders in the litigation process,” Hall said. The loss of data, he said, could impact the prosecution of a case that an attorney might have been building for years.
Hall said his office has paid particular attention recently to Identity Governance and Administration systems, which encompass a number of processes from logging, analytics and reporting, to administering accounts, credentials and managing entitlements. They include a gamut of identity lifecycle management tools, technologies and activities. It’s something that’s important to the federal government and something agencies are focusing on.
But the Justice Department doesn’t work in a vacuum. It has to work with the private sector and provide defense attorneys with data in the form of discovery and presentation of evidence — which has to be done in a secure environment.
Making that possible was one of the first business problems Hall faced when he arrived at Justice.
“It required some real innovative thinking. It led to a very leading edge solution that leveraged commercial cloud technologies that let us centralize our data and bring people to the data.”
That means Hall’s office has to thoroughly vet cloud providers, from management to operators. He said those providers are very aware of those requirements.
“They’re very tuned into the FedRAMP requirements in particular. They’re very tuned into what it means to be high compliant, and what the implication is in terms of those employees that will have access.”
The U.S. Attorney’s office is also leveraging the commercial cloud environment to take advantage of the services they were designed for.
“It will provide a capability to manage our documents more effectively. It will provide workflows, editing, etc. We’ve been a big advocate for it, particularly with regards to the litigation capabilities, and I think you’ll see more of that,” Hall said.
Going forward, Hall said it comes down to developing the tools that make the data more understandable and more integrable, where operators can determine what’s actionable.
“You know what campaigns are out there, where your vulnerabilities, weaknesses and exposures are, and taking all that information and determining what action plan you need to execute. It’s something that’s evolving, but I think we’re getting there.”