by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : October 2013
GCN OCTOBER 2013 • GCN.COM 15 in 2008 and a four-phase transition to the new system was scheduled to be- ing in May 2009. The original HSIN was to be shut down in September 2009 when HSIN Next Gen would be fully operational. But by October 2008 GAO conclud- ed that, "DHS has been challenged in its ability to efficiently and effectively manage the department's existing pri- mary information-sharing system. In particular, although DHS has invested upwards of $70 million on the system, it still does not fully meet user needs." Development of the Next Gen system was plagued by a lack of project and acquisition planning, inadequate re- quirements development and poor risk management. "Investing money given the current state of management controls puts the project at risk," GAO concluded. Then, in April 2009, one month be- fore the transition to Next Gen was to begin, a hacker using federal creden- tials got into the system, accessing sensitive but unclassified information. This was followed by a second breach in May. In October 2010 DHS shut down Next Gen. GAO estimated that killing the project saved the depart- ment $129 million. NEW DIRECTION DHS reexamined HSIN user require- ments and security needs, and in No- vember 2010 got the go-ahead from the Office of Management and Budget for Release 3, which would feature better identity management and ac- cess control and would fit in with the department's plans to consolidate its Web portals, reducing the number of sites providing the same types of ser- vices. Development began in Septem- ber 2011 and in July 2012 it achieved initial operating capability. DHS took to heart GAO recom- mendations for fully staffing a HSIN program office with clearly identified roles and accountability, pursuing a requirements-based development pro- cess with appropriate change controls, and ensuring risk management for the development and procurement cycle. "It all starts with leadership," said Brody, who gives Donna Roy, executive director of the DHS Information Shar- ing Environment Office, much of the credit for the success of the program. There was a strong senior management team and accountability to a timeline and to stakeholders, he said. The focus was on user needs, he said. "There is no room for ego." The legacy HSIN was decommis- sioned in August 2013 and 40,000 us- ers and millions of documents have been moved to the new system. Release 3 is on track to achieve full operating capability by the end of the year, Brody said. All users receive in-person iden- tity verification before being given an account, and access now requires two- factor authentication. Users logging onto an account must not only use a user-ID and password, but also a code sent out-of-band to a device such as a phone that they must also have in their possession. The agencies that upload informa- tion to the system retain control over it. The information is tagged by the own- ers with metadata that is matched with access rights to determine who can ac- cess and use it. This tagging for access management is enabled by Microsoft's SharePoint collaboration software. The platform also uses Adobe Connect Web con- ferencing software and Cisco Jabber for instant messaging. Administrators have created 140 communities of inter- est to allow collaboration, sharing and chatting among the group. Some work remains in fleshing out HSIN Release 3. Simplified sign-on is being planned to enable interoper- ability with other networks, including Law Enforcement Online (LEO), the FBI's information sharing network; Regional Information Sharing Systems (RISS), a network of distributed law enforcement systems; and Intelink, the intelligence community's network of intranets. HSIN also is in the process of joining the National Identity Exchange Federa- tion, using the Federal ICAM Backend Attribute Exchange. These enhancements are expected to more fully integrate HSIN Release 3 into the federal, state and local public safety communities.• HSIN in action: Boston bombing, Deep Water, Super Bowl Despite its troubled history, the Homeland Security Department's Homeland Security Information Net- work has shown its worth as a platform for enabling communications and data sharing across department boundaries during emergencies. In the wake of the Boston Marathon bombing in April, HSIN provided Web-based conferencing and collaboration to 400 people from local, state and federal law enforcement and intelligence agencies. Demand for the service reached a peak during that investigation. The HSIN help desk typically receives about 250 inquiries a day and about 1,750 in a week. In the week following the bombing it received more than 5,000 requests for help and access. Prior to that, the largest number of calls received was during the Deep Water Horizon Oil Spill in 2010, when it received 500 calls in one day. During the Deep Water Horizon event, the U.S. Coast Guard used HSIN extensively to keep in touch and work with other state and local agencies in the area of the spill. But HSIN is not just for disaster response, said Michael Brody, HSIN manager for policy outreach and communications. "There is a steady stream of opera- tional cooperation going on behind the scenes daily," he said. "Things you will never read about. It also is used for routine management of national security events, such as presidential inaugurations and Super Bowls. Not all of these events turn out to be rou- tine, however. The Feb. 3 blackout during Super Bowl 47 in New Orleans threw security operations into some confusion, but HSIN was able to keep law enforcement personnel in touch with each other and ease concerns about a possible terrorist attack, Brody said. "We don't have a formal mobile app for HSIN," he said. But without power, users still were able to use browsers on mobile devices to access the Web portal and keep information flowing about the blackout. It turned out that the 34-minute outage was due to the failure of a relay on a cable linking the Superdome to the electric grid and not to terrorists or a conspiracy on the part of the Baltimore Ravens against the San Francisco 49ers. --- William Jackson