Striking the balance between information sharing and security
That balancing act requires a complex response, especially when designing networks and systems for collaboration.
Federal agencies working with sensitive information need specialized ways to share that data and foster collaboration internally among employees with different clearance levels, as well as externally with other agencies, industry and even foreign partners. That requires a balance between fostering the information sharing necessary to complete the mission and protecting that sensitive data from adversaries and insider threats.
“It’s a twin challenge. We need information to drive the investigation to achieve the national security public safety mission. At the same time, we need to make sure that that information is only seen and used by those who are, quote, authorized to use it,” said Megan Stiefel, chief strategy officer for the Institute for Security and Technology, on Federal Monthly Insights — Secure Collaboration. “So we want to get information to a lot of places, but we want to make sure in doing so, only those who need it to achieve their mission have access to it. And we want to make sure, of course, not just that our peers who are in our mission space but maybe not of the same security clearance don’t have access. We also want to make sure, importantly in the national security space, that our adversaries don’t have access to the information by virtue of a mistake that we’ve made or by virtue of the fact that we didn’t think about how they might gain access.”
That balancing act requires a complex response, especially when designing networks and systems for collaboration. Some networks may have databases that require different clearance levels to access, while others may be entirely different and segmented by clearance. Collaboration tools likewise may have open or closed channels in order to restrict the flow of information.
Protecting the data
That requires network architects to think about the core principles of security and privacy as they’re designing a system for collaboration. It also requires everyone with access to that system to understand its purpose and the rules and policies that govern it.
“At the end of the day, making sure that the users who will have access to the enclave will be well-trained, and certainly that has been a big topic over the years about these different databases that the government maintains and making sure that those individuals who are gaining access to them have received the proper training,” Stiefel said. “So in terms of who sets the rules, really, we’re looking at the highest level about the delegation of authority that Congress has granted to a particular agency, the agency had delegating down through the particular policies. In the case of the FBI, the name of it has changed over the years, but the domestic operations manual, will set forth the principles, policies and practices through which the FBI will gather and maintain information, the partners that they can share it with.”
Tagging and logging are two important tools agencies have to ensure the security of their sensitive data. Tagging helps proactively restrict who can access specific data fields and for what purpose. Meanwhile, logging can help more reactively, to go back and look at who has accessed data, and what they did with it. That can not only help point to who might be responsible for a leak but also reveal how they did it and provide options for mitigating that leak while preventing similar ones in the future.
Collaborating between classification levels
Steifel said it is possible to have meaningful collaboration across classification and clearance levels, but it’s tricky to do properly. It’s fairly easy to upgrade declassified information into a classified environment; going the other way is possible, but extremely difficult — especially in cybersecurity, she said. However, having the right systems and architectures in place can ease that process.
One thing she said that’s important in this situation is to keep track of the provenance of the data.
“Where did it come from? Did it come from highly sensitive sources or methods, or did it from a partner? One could think about an international partner in the case of the Five Eyes,” Steifel said. “Or it’s sensitive because perhaps it came from the private sector, but the private sector in a particular instance is actually operating as a source. And so the private-sector actor doesn’t want to have to be involved in publicly being associated about the information.”
Copyright
© 2025 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.
