There are plenty of solutions touting non-attribution benefits specifically for government organizations. But buyer beware – not all systems are the same. Any procurement officer must look for certain criteria before purchasing, including:
- Years in Operation/Development: Is the provider an established entity, or a "Johnny-come-lately?"
- Denial of Service/Intrusion Protection: Are the provider’s systems and infrastructures hardened against Internet threats?
- Social Engineering Safeguards: Does the provider have security measures in place to ensure the contacts visible are completely unaware of the provider’s involvement or the identity of the customer?
- Internal Compromise: Can the provider prevent its own employees from knowing the identities and activities of its customers?
- Timeliness: Is the solution off-the-shelf and turnkey for rapid deployment and utilization?
- Single Network Limitations: Will the provider be able to acquire network space from many independent ISPs from around the globe?
The ease of accessing information on the Web and attacking the networks of where such data resides has created a false sense of security that can be exploited by insurgent organizations and criminals using new and powerful tools at their disposal. The only way for government agencies to circumvent this threat is to completely protect user identities through anonymous Web surfing systems, making this a new requirement while online.