US Digital Services Playbook Play 11
# Play 11: Manage Security and Privacy through Reusable Processes

Our digital services have to protect sensitive information and keep systems secure. This is typically a process of continuous review and improvement which should be built into the development and maintenance of the service. At the start of designing a new service or feature, the team lead should engage the appropriate privacy, security, and legal officer(s) to discuss the type of information collected, how it should be secured, how long it is kept, and how it may be used and shared. The sustained engagement of a privacy specialist helps ensure that personal data is properly managed. In addition, a key process to building a secure service is comprehensively testing and certifying the components in each layer of the technology stack for security vulnerabilities, and then re-using these same pre-certified components for multiple services.
The following checklist provides a starting point, but teams should work closely with their privacy specialist and security engineer to meet the needs of the specific service.
## Checklist
- 1. Contact the appropriate privacy or legal officer of the department or agency to determine whether a System of Records Notice (SORN), Privacy Impact Assessment, or other review should be conducted
Not applicable for this prototype.
- 2. Determine, in consultation with a records officer, what data is collected and why, how it is used or shared, how it is stored and secured, and how long it is kept
For the purposes of our prototype, no sensitive information is collected, and the database will be refreshed at regular intervals to clear any user-entered data.
- 3. Determine, in consultation with a privacy specialist, whether and how users are notified about how personal information is collected and used, including whether a privacy policy is needed and where it should appear, and how users will be notified in the event of a security breach
Due to the limited scope of the prototype, no personal information is collected and a privacy policy was not deemed necessary.
- 4. Consider whether the user should be able to access, delete, or remove their information from the service
Due to the limited scope of the prototype, no personal information is collected.
- 5. “Pre-certify” the hosting infrastructure used for the project using FedRAMP
KPMG is a certified FedRAMP assessor.
- 6. Use deployment scripts to ensure configuration of production environment remains consistent and controllable
As part of our Continuous Integration process, once the technical architect approves and merges a code change to the master branch, the code is automatically deployed to the development environment. A similar process, including approval from the Product Owner, is used to automatically deploy a build to the testing and production environments. This is all accomplished using GitHub, Jenkins, and Docker.
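As an added illustration (example code written for this page, not the project's own pipeline), a Jenkins declarative pipeline that follows the process above: a merge to master is built once into a Docker image tagged with the commit, deployed to development automatically, and promoted to testing and production only after a Product Owner approval, so every environment runs the same artifact. The image name, the `deploy.sh` script and the `product-owners` approver group are assumptions.

```groovy
// Jenkinsfile (example, not the project's own). Assumes a multibranch pipeline
// job so that env.GIT_COMMIT and the branch name are populated by the Git plugin.
pipeline {
    agent any
    environment {
        // Placeholder image name; the commit hash becomes the immutable tag
        IMAGE = "example-org/prototype"
    }
    options {
        timeout(time: 2, unit: 'DAYS')   // do not leave approval prompts open indefinitely
    }
    stages {
        stage('Build image') {
            steps {
                // One build per merge; the same tagged image is reused for every environment
                sh "docker build -t ${env.IMAGE}:${env.GIT_COMMIT} ."
                sh "docker push ${env.IMAGE}:${env.GIT_COMMIT}"
            }
        }
        stage('Deploy to development') {
            when { branch 'master' }   // only changes approved and merged to master are deployed
            steps {
                // deploy.sh (assumed) applies the environment's configuration and starts the tagged image
                sh "./deploy.sh development ${env.IMAGE}:${env.GIT_COMMIT}"
            }
        }
        stage('Deploy to testing') {
            when { branch 'master' }
            steps {
                // Pipeline pauses until a member of the assumed product-owners group approves
                input message: 'Product Owner: promote this build to testing?', submitter: 'product-owners'
                sh "./deploy.sh testing ${env.IMAGE}:${env.GIT_COMMIT}"
            }
        }
        stage('Deploy to production') {
            when { branch 'master' }
            steps {
                input message: 'Product Owner: promote this build to production?', submitter: 'product-owners'
                sh "./deploy.sh production ${env.IMAGE}:${env.GIT_COMMIT}"
            }
        }
    }
}
```

Because the production stage reuses the image and script already exercised in development and testing, the production configuration cannot drift from what was tested, which is the point of checklist item 6.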
## Key Questions
- Does the service collect personal information from the user? How is the user notified of this collection?
Due to the limited scope of the prototype, no personal information is collected.
- Does it collect more information than necessary? Could the data be used in ways an average user wouldn’t expect?
We designed the prototype to collect only the information necessary to perform its functions.
- How does a user access, correct, delete, or remove personal information?
Due to the limited scope of the prototype, no personal information is collected.
- Will any of the personal information stored in the system be shared with other services, people, or partners?
Due to the limited scope of the prototype, no personal information is collected.
- How and how often is the service tested for security vulnerabilities?
Not applicable for this prototype.
- How can someone from the public report a security issue?
Not expected for this prototype; however, GitHub issues and/or pull requests may be submitted.