Following a July 16 letter by former government officials requesting disclosure of 2020 Census cybersecurity policies, the U.S. Census Bureau issued a statement today affirming its “robust cybersecurity program” and ensuring interested parties that cybersecurity remains paramount at the bureau. However, it said it was declining to reveal all of its encryption policies “as a matter of data security.”
“We have incorporated industry best practices and follow Federal IT security standards for encrypting data in transmission and at rest,” the bureau said in a press release.
One of the main concerns cited in the July 16 letter was a lack of disclosure over whether Census uses two-factor authentication for anyone accessing its data. Today, it put the question to rest.
“As a matter of data security, we do not disclose our specific encryption methods, but we would like to note, in response to the concerns of the letter, that two-factor authentication is required for all who access the data,” the bureau said.
The press release also provided video resources – from April and June of this year – where representatives discussed the bureau’s cybersecurity posture.
“While many of our defenses are invisible to the public, know that we have strong and resilient security measures protecting every respondent’s information,” the Census Bureau said.