According to Nextgov, the Homeland Security Department wants to trade in its current software, which is used to analyze biometric data across the globe, and store all of that information on Amazon’s cloud.
The current platform, called the Automated Biometric Identification System (IDENT), will be replaced by a system hosted by Amazon Web Services (AWS). IDENT currently houses the biometric information, which includes fingerprints and other “biological” data that authorities can use to identify a person, threat, terrorist, etc., of more than 250 million people worldwide.
The Homeland Security Department will replace IDENT with HART – the Homeland Advanced Recognition Technology System. This newer system will be more robust, Nextgov says, and will contain similar tools used in IDENT, but with some improvements, such as “tools that could identify individuals based on DNA, palm prints, scars, physical markings and tattoos.”
Nextgov also says that HART will live in the AWS FedRAMP certified GovCloud, where it should be well protected: “Amazon Web Services’ GovCloud US-East and US-West regions are data centers specifically built by the company to house some of the government’s most restricted information. AWS is no stranger to hosting sensitive government data, having already claimed the CIA, Defense Department, NASA and other federal agencies as customers in part because of perceived security improvements over government legacy systems.” Previously, IDENT was stored in other government-run data centers.
But how secure will HART be?
One of the biggest questions of this new implementation will be, how secure is it? Arguably, there’s no such thing as an airtight, “un-breachable” database; in fact, 2019 has seen one of the costliest string of breaches, and the year is only half over. For example, the Oklahoma Department of Securities fought through a breach that affected millions of files, some of which involved FBI investigations. The likely cause of the breach was due to its web server reaching its end-of-life in 2015, without any attempts to update vulnerabilities.
As a result, decision makers looking to invest in a large biometrics data upgrade similar to the Homeland Security Department should keep an eye on how its implementation is handled, and if it is successful. This especially includes mistakes, or breaches on the new system. Decision makers may also consider how the collection, storage and usage of biometrics information is perceived, since many programs are currently under fire for privacy protection issues, such as facial recognition software.
Eventually all the data will end up with Amazon, Apple, Alphabet or Facebook. We have nothing to do in it. They have grown in size which is beyond anyones control.