Drug Agency Finds Safe Harbor for Critical Data

Case Study: Denver's High-Intensity Drug Trafficking Area opts for an all-in-one secure computing tool to protect its highly sensitive data.

IT folk in corporate America spend many a sleepless night fretting over network security and how to prevent denial-of-service attacks or downtime that can negatively impact the business.

At the Rocky Mountain High-Intensity Drug Trafficking Area, a government organization charged with anti-drug efforts, the IT team has more pressing concerns related to network security. Along with worrying about loss of data or loss of productivity, this group agonizes over possible loss of life.

"We are a collector of data of a sensitive nature," explained Dwight Cunningham, network systems engineer at HIDTA, in Denver, which is part of The White House Office of National Drug Control Policy. HIDTA collects and stores surveillance information, phone records, analysis and other confidential informant information related to its drug investigations on its network—ammunition, Cunningham said, that has to be kept away from the "bad guys" at all costs.

To ensure that it was, HIDTA, with the help of Northrop Grumman's systems integrator arm, performed a major security upgrade to its network—the goal being to ward off mounting intrusions that were disrupting network uptime as well as becoming cause for concern.

HIDTA, which is responsible for the Rocky Mountain region and has more than 1TB of data to protect on its network, turned to a new all-in-one appliance from Secure Computing that provided firewall, anti-virus and anti-spyware protection in one package, according to Cunningham.

"Our main problem and objective is to be able to secure the data within our domain without allowing intrusion, which could compromise privacy issues," Cunningham said. "We don't deal with marketing data or product data—we deal with analyzing and finding bad guys, so … we need to be very careful with our information based on government regulations. Information leaked out could compromise a case or put lives in jeopardy."

While corporate IT faces real security challenges, government agencies such as HIDTA are required to conform to a higher level of security because of the nature of their classified networks.

"Security measures others might consider secure, the Department of Defense or sensitive agencies like HIDTA could never adopt," said Matt Galligan, vice president of the federal division of Secure Computing, a maker of enterprise security products such as firewalls and VPNs, in San Jose, Calif.

"If someone hacks into a bank, people lose money. If someone hacks into a network such as HIDTA, people could lose their lives. It takes a different level of responsiveness and security," Galligan said.

At HIDTA, the so-called bad guys were doing everything in their power to get at the agency's highly sensitive information, said Cunningham. Several years back, prior to installing a new all-in-one security appliance, HIDTA was tracking 1,200 attempts per hour to infiltrate its firewall, he said.

These ongoing hacker attempts were wreaking havoc on the HIDTA network. Spam was also an issue, and Cunningham said his team had to regularly shut down the network to attend to the problem, causing internal productivity to stall and closing the network off from outsiders—both other government agencies and citizens, who access the informational aspect of the site.

"It was a constant battle to isolate the network by turning off outside traffic until we could get with a vendor and get a patch in to fix [the router]," Cunningham said. "That meant there was no work going on internally and no interaction with the outside world. Employees couldn't log on to Mugshot or other Internet resources, so they couldn't do their daily business and access the external resources that they needed."
