ERS meets the federal guidelines for authentication as indicated in OMB's
E-Authentication Guidance for Federal Agencies, NIST's Special Publication
800-63, and FIPS Publication 199. ERS authentication is appropriate to the risk
and cost. ERS security and authentication are in keeping with RRB's policy and
guidelines. See Enterprise Architecture Strategy, by BIS, 6/11/03.
The first table below shows the assurance levels assigned by OMB in
Attachment A of its Memorandum to the Heads of All Departments and Agencies
(M-04-04). The second table below shows how ERS is rated in each of the six
categories. Based on the assigned values for the six categories, ERS requires
Assurance Level 2 authentication.
The following descriptions of the potential harm or impact are taken from
M-04-04. All levels are listed for comparison, but the level assigned to ERS is
in bold and a brief explanation follows its description. The risk from
unauthorized access takes into account not only the potential impact but also
the likelihood of such impact.
- Potential impact of inconvenience, distress, or damage to standing or
  reputation:
  **Low** - at worst, limited, short-term inconvenience, distress, or
  embarrassment to any party.
  The impact is low because unauthorized access to ERS could not bring down ERS
  and could not yield access to any other system.
  Moderate - at worst, serious short-term or limited long-term inconvenience,
  distress, or damage to the standing or reputation of any party.
  High - severe or serious long-term inconvenience, distress, or damage to the
  standing or reputation of any party (ordinarily reserved for situations with
  particularly severe effects or which affect many individuals).
- Potential impact of financial loss or agency liability:
  **Low** - at worst, an insignificant or inconsequential unrecoverable
  financial loss to any party, or at worst, an insignificant or inconsequential
  agency liability.
  The impact is low because if an unauthorized user gained access to ERS for
  the purpose of personal gain, there would be a very minimal amount of service
  and compensation (4 to 5 years) that could be added to an account without
  examiner review. The limited available information would yield a minimal
  financial loss to the agency in terms of erroneous RUIA benefits or an
  erroneous increase in RRA benefits. Such activity may be detected in various
  annual file comparisons and review operations, in which case the erroneous
  benefits would be recovered.
  Moderate - at worst, a serious unrecoverable financial loss to any party, or
  a serious agency liability.
  High - severe or catastrophic unrecoverable financial loss to any party, or
  severe or catastrophic agency liability.
- Potential impact of harm to agency programs or public interests:
  **N/A** - We determined that this was not applicable because an unauthorized
  user cannot get from ERS to any other agency programs. (If we determined this
  to be low, the assurance level would still be 2.)
  Low - at worst, a limited adverse effect on organizational operations or
  assets, or public interests. Examples of limited adverse effects are: (i)
  mission capability degradation to the extent and duration that the
  organization is able to perform its primary functions with noticeably reduced
  effectiveness, or (ii) minor damage to organizational assets or public
  interests.
  Moderate - at worst, a serious adverse effect on organizational operations or
  assets, or public interests. Examples of serious adverse effects are: (i)
  significant mission capability degradation to the extent and duration that
  the organization is able to perform its primary functions with significantly
  reduced effectiveness; or (ii) significant damage to organizational assets or
  public interests.
  High - a severe or catastrophic adverse effect on organizational operations
  or assets, or public interests. Examples of severe or catastrophic effects
  are: (i) severe mission capability degradation or loss of mission capability
  to the extent and duration that the organization is unable to perform one or
  more of its primary functions; or (ii) major damage to organizational assets
  or public interests.
- Potential impact of unauthorized release of sensitive information:
  **Low** - at worst, a limited release of personal, U.S. government sensitive,
  or commercially sensitive information to unauthorized parties resulting in a
  loss of confidentiality with a low impact as defined in FIPS PUB 199.
  The impact is low because an impersonator might potentially have access to
  personal information, but only to a very limited amount. The exact
  information accessible depends on what information was available to the
  impersonated employer at that time. Information is further limited by ERS.
  For example, only seven years of service and compensation information is
  available to the BA-4 process.
  Moderate - at worst, a release of personal, U.S. government sensitive, or
  commercially sensitive information to unauthorized parties resulting in loss
  of confidentiality with a moderate impact as defined in FIPS PUB 199.
  High - a release of personal, U.S. government sensitive, or commercially
  sensitive information to unauthorized parties resulting in loss of
  confidentiality with a high impact as defined in FIPS PUB 199.
- Potential impact to personal safety:
  **N/A** - A breach of ERS security has no impact on personal safety.
  Low - at worst, minor injury not requiring medical treatment.
  Moderate - at worst, moderate risk of minor injury or limited risk of injury
  requiring medical treatment.
  High - a risk of serious injury or death.
- Potential impact of civil or criminal violations:
  **Low** - at worst, a risk of civil or criminal violations of a nature that
  would not ordinarily be subject to enforcement efforts.
  The impact is low because civil or criminal violations are rare, particularly
  by employers, and are not ordinarily subject to enforcement efforts.
  Moderate - at worst, a risk of civil or criminal violations that may be
  subject to enforcement efforts.
  High - a risk of civil or criminal violations that are of special importance
  to enforcement programs.
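The level determination described above, as an added worked example that is not part of the RRB assessment: the M-04-04 impact-profile table is encoded from Section 2.2 of the memorandum itself (the page's own copy of the table is not reproduced here), the short category keys are this example's own shorthand, and the ERS ratings are the ones stated in the six categories above.

```python
from enum import IntEnum

class Impact(IntEnum):
    """FIPS 199-style impact ratings; N/A means the category does not apply."""
    NA = 0
    LOW = 1
    MODERATE = 2
    HIGH = 3

# OMB M-04-04, Section 2.2 ("Assurance Level Impact Profiles"): the highest
# impact each category may carry at assurance levels 1, 2, 3 and 4. Encoded
# here from the memorandum because the page's table is not reproduced above;
# the memorandum's "Mod/High" for personal safety at level 4 is encoded as HIGH.
IMPACT_PROFILES = {
    "reputation": (Impact.LOW, Impact.MODERATE, Impact.MODERATE, Impact.HIGH),
    "financial":  (Impact.LOW, Impact.MODERATE, Impact.MODERATE, Impact.HIGH),
    "programs":   (Impact.NA,  Impact.LOW,      Impact.MODERATE, Impact.HIGH),
    "disclosure": (Impact.NA,  Impact.LOW,      Impact.MODERATE, Impact.HIGH),
    "safety":     (Impact.NA,  Impact.NA,       Impact.LOW,      Impact.HIGH),
    "legal":      (Impact.NA,  Impact.LOW,      Impact.MODERATE, Impact.HIGH),
}

# ERS ratings as stated in the assessment above (N/A is itself a rating).
ERS_RATINGS = {
    "reputation": Impact.LOW, "financial": Impact.LOW, "programs": Impact.NA,
    "disclosure": Impact.LOW, "safety": Impact.NA, "legal": Impact.LOW,
}

def category_level(category, impact):
    """Lowest assurance level whose ceiling for this one category covers `impact`."""
    profile = IMPACT_PROFILES[category]
    return next(lvl for lvl, ceiling in enumerate(profile, start=1) if ceiling >= impact)

def required_assurance_level(ratings):
    """M-04-04 rule: the system needs the highest level that any single category demands."""
    missing = set(IMPACT_PROFILES) - set(ratings)
    if missing:
        raise ValueError(f"unrated categories: {sorted(missing)}")
    return max(category_level(c, ratings[c]) for c in IMPACT_PROFILES)

def driving_categories(ratings):
    """Categories whose rating alone forces the overall level; re-assessing any
    other category cannot lower the result, so these are the ones to scrutinise."""
    level = required_assurance_level(ratings)
    return sorted(c for c in IMPACT_PROFILES if category_level(c, ratings[c]) == level)
```

For the ERS ratings the result is level 2, driven by the two categories rated Low whose level-1 ceiling is N/A (unauthorized release and civil or criminal violations); raising "programs" to Low leaves the answer at 2, as the assessment notes.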