The Fax of the Matter
In the 1980s no workplace was without a fax machine. In today’s digital world the need to fax documents is largely redundant. Or is it? Not if you need to send a classified file.
It is patently obvious that some documents have to be kept under very strict protection from exposure because they contain military or state secrets that cannot be revealed without immediately negative repercussions.
What is less well known is that huge numbers of documents in regular use by government agencies are classified in the same way but are rather less critical to the safety and security of the nation at large. While less sensitive they are nonetheless considered secret and must be treated with the same attention to security as all other classified documents. There are lots of them.
This conundrum creates two challenges for government agencies in their efforts to operate as efficiently as possible while maintain at all times the required level of confidentiality for those documents falling into the classified category.
The first of these is how to transmit something between two different but related government departments without exposing it to capture by WikiLeaks, foreign governments, spies or general malcontents.
In today’s world of Encrypted Email, Virtual Private Networks, Biometric Authentication and Impenetrable Firewalls it ought to be straightforward to engineer a system for transferring documents and files between different agencies without the risk of them being comprised, stolen or manipulated. In many respects that is the case.
The long history of espionage however and recent exposures of all manner of interference with what should have remained confidential belies this. We have foreign governments disseminating emails internal to political parties, diplomatic reports from overseas embassies published on the Internet, and large multinational companies admitting sheepishly that their entire customer database has been compromised.
Communications facilities are undoubtedly ubiquitous and almost frightening in their speed and capacity but they are also gaining a reputation for their susceptibility to intrusion. Even the best encryption algorithms can be compromised if there is enough data to work with. In the right circumstances, valuable information can be gleaned from a data stream without actually decrypting it.
All of this tends to make those responsible for the integrity of classified data look to basic principles found trustworthy over many generations. The simplest of these is to ask the question: “At how many stages is this data outside my direct control?”
It is axiomatic that any file transfer involving the Internet includes dozens of interchange points and bridges that are well outside the control of the participants of the transfer. A single packet of data may pass through many diverse routers and access points on its way from sender to receiver. The famous Metropolitan Area Exchanges that are the backbone of the Internet in the US are unlikely to be platforms for snoopers but some of the outliers may be more vulnerable. How can the exposed legs of a transfer be reduced or eliminated?
Historically, and before the advent of the Internet, this was less of a concern because all communication was via the telephone network. A connection made between two telephones is point-to-point. That is, any data travels directly from one end to the other end after the link is created and this is then closed after the call. It is a dedicated one-off connection.
This is much harder to intercept than traffic through an Internet router that is a permanent part of the network in use. To enhance this resistance to interception some government agencies commissioned their own private phone networks entirely isolated from the public one.
Since the bulk of the requirement was to exchange classified documents it became the practice to use fax as the mechanism to accomplish this. To further ensure confidentiality these fax machines relied on modems that were encrypted to a very high degree and supplied under exclusive control of the NSA.
Non-standard fax machines were needed but the combination of dedicated connections, Secure Telephone Equipment and those specialized fax machines meant that exceptional security could be obtained and even the most sensitive documents could be transferred with considerable peace of mind.
It is the second challenge that is today becoming something of a nightmare for those tasked with organizing and managing communications in modern government agencies. The number of classified documents continues to increase and, perhaps more importantly, their nature is changing.
Historically the government office was paper based so sending a printed document was an acceptable method of communication and the volume of such transmissions could be handled by a secretariat and a dedicated secure fax machine usually housed in a basement room.
In today’s world, the desired transfer my involve a spreadsheet, GIF images, maps, PDFs, database files and all manner of material that is wholly unsuitable to being converted into a fax and transmitted as a printed document. The need is to be able to transfer any file so that it is received as an exact copy of that transmitted by the sender. We need to do files rather than just printed documents.
In addition there is a powerful need to eliminate the physical requirement for human intervention. It is no longer acceptable for staff members to attend to a device and feed sheets of paper into it or stand over a receiving machine to collect a sensitive inbound document.
The use of point-to-point dedicated links employing the best encryption in the form of Secure Telephone Equipment remains the foremost mechanism for transferring sensitive data.
This reliable and robust facility needs to be modernized to eliminate the fax machine and open up the ability to transfer classified files of any sort, automatically and with minimum operator intervention.
About the Author:
James E. Abbey is CEO of Preston Abbey, specialists in the secure exchange of classified files.