From Whom is the Information Collected?

Information in SENTINEL is collected from numerous sources. Some information may be collected directly from individuals, such as employment applicants, crime victims and witnesses, human sources, and members of the public. Other information may be provided by other law enforcement agencies, including state, local, tribal, and foreign, as well as by other government agencies, including civilian, military, and homeland security. Information may also be collected from private sector entities and open source intelligence (such as newspapers, the Internet, or television broadcasts).

Information on FBI employees is generally collected directly from them unless the FBI employee becomes the subject of an investigation. In that case, the employee is considered the same as any other individual under investigation.

In the law enforcement and intelligence contexts, if an individual is the subject or potential subject of an investigation or intelligence collection,it is often necessary to acquire information from sources other than the individual. At times, vital information can only be obtained from other sources that are familiar with the individual and his/her activities. In some cases, asking an individual directly for information could compromise ongoing investigations because the individual would then know that he or she is being investigated.

Where are the servers??

Who can access the files?

Name log of all who have access?

>>10503955

Sharing

Internal Sharing

As a general rule, SENTINEL case information will be available to all FBI users with a need for the information in the performance of their duties, except where there are additional restrictions imposed by law or policy. For example, certain data will have limited access based on policy promulgated by the FBI’s Information Sharing Policy Board (ISPB). In addition, certain data may be limited based on the Case Manager’s discretion. Documents within the case file can be restricted from viewing by an employee with the authority to restrict. Access to information restricted by law or policy (e.g., federal grand jury material) or highly sensitive case file information (espionage, public corruption information, source identity) will also be limited. Finally, individuals under the supervision of the FBI, such as other government agency (OGA) and contractor personnel, will have limited access to case information based on law, memoranda of understanding, Attorney General Guidelines, and FBI policy notices and directives.

It is essential to FBI law enforcement and national security missions that all FBI employees involved in case work have the maximum access permitted by law to all case-related information in SENTINEL in order to coordinate related cases, discover relationships among seemingly disparate subjects, and, in general, to “connect the dots” and identify gaps in the FBI’s mission coverage.

Other system record categories, those not involving criminal and national security cases and intelligence, will have additional access restrictions related to the particular category of records, sensitivity of the information, and need to know. Examples include: personnel records (such as those relating to FBI employee recruitment, background investigation/re-investigation, management, and performance) are restricted to human resource (HR) personnel, and even as to HR personnel access to each personnel file is limited to the appropriate HQ and field office HR personnel; and the only Enterprise Directory System (EDS) attributes that are exposed to the general user population are names, office assignment, telephone number and office email (any other personally identifying information is either not used in SENTINEL or is limited to a small number of admin personnel who are responsible for assigning roles and other office assignments); sensitive contractual/procurement information is limited to those working on the particular issues; and background investigations of non-FBI personnel (e.g., White House personnel and presidential appointments) are restricted.

SENTINEL provides case and lead statistics, document text/attributes, case information and indexing information, and law enforcement information to a number of discrete systems within the FBI to enable them to perform specific functions related to law enforcement and national security investigations and intelligence collection and analysis. This sharing feature is performed through electronic interfaces to which each authorized user has access through icons on his or her desktop, or through similar technology. SENTINEL also shares case file information with data warehouses, such as the Data Integration and Visualization System (DIVS), and the Foreign Terrorist Tracking Task Force (FTTTF). These warehouse systems are designed to provide authorized FBI and task force users federated1 query capability to a number of FBI and other federal agency data sets for broad-based searches and analyses.

In addition, SENTINEL provides administrative data to those FBI systems that are involved in hiring and employee management of FBI employees. The systems that may receive Sentinel data have their own access controls as an additional privacy feature. The functions and the information collected by each system are described in approved PTAs or PIAs listed on the FBI OGC internal website or published on the FBI’s Internet website. SENTINEL receives information on FBI personnel from several systems. Information from the Enterprise Directory System, for example, is used for managing the system’s access controls capability. Information from QuickHire, an online system that is used to complete, review, and process job applications, uploads information into SENTINEL to be indexed.

>>10503955

>>10503977

External Sharing

Given the mandate for robust information sharing with law enforcement and intelligence community partners, SENTINEL will share information with state and local law enforcement organizations as well as with other federal law enforcement and intelligence agencies. In some cases, sharing will occur by direct access and data transfers to certain OGAs. That said, information will only be shared to the extent that sharing is legally permissible and appropriate. Certain information may be marked with caveats regarding dissemination restrictions (such as medical and juvenile information). Information subject to Privacy Act protections will only be shared as permitted by the Privacy Act, including routine uses established for the FBI Central Records System (JUSTICE/FBI-002) or other applicable system of records notices. (This includes disclosures to individuals with direct access, who will not be given access unless appropriate disclosure authority exists and who must agree to follow the rules of behavior applicable to FBI systems (which include privacy protection rules) and who receive yearly training on these rules). In addition, any direct access to SENTINEL by external users (primarily Task Force Officers (TFOs)) is controlled by rules defined by the FBI’s Information Sharing Policy Board (ISPB). Security groups (there currently are17) have been created to limit access to a set of agreed upon case classifications determined by each group’s need to know.

>>10503983

>>10503977

>>10503955

Anons

Watch this clip.

Section 6: Information Security

6.1 Indicate all that apply.

Monitoring, testing, or evaluation has been undertaken to safeguard the information and prevent its misuse. Specify: Throughout the development process, the SENTINEL test team continuously tested the code, including the data access controls. In addition, independent tests and reviews were conducted by a contractor Independent Verification and Validation team and the Security Division (Certification and Accreditation team (C&A).Audit logswill be provided to the Enterprise Security Operations Center (ESOC) on a daily basis for monitoring of potential system misuse.

Auditing procedures are in place to ensure compliance with security standards. Specify, including any auditing of role-based access and measures to prevent misuse of information:

Local monitoring of audit logs occurs as part of routine SENTINEL operations, and events can be escalated for ESOC analysis. All Operating System, Database and Get/Put logs are provided to the ESOC on a daily basis. The Enterprise Operations Center will perform network level monitoring.

System audit logsare reviewed on a daily basis by the Security Administrator with auditor privileges.Audit logscan only be accessed by theInformation Systems Security Officer and specific privileged users.Audit reports of specific events can be requested. General users cannot view, change, or delete the audit logs. The system will meet the requirements contained in the FBI certification and accreditation handbook, and relevant NIST information security standards and Special Publications.

>>10504111

Internally, there is a risk that users without a need to know the information will be able to gain inappropriate access to SENTINEL data. However, this risk should be minimized by the use of role-based access control. In addition, all users of SENTINEL will receive “appropriate use” training and sign a set of Rules of Behavior prior to being granted access. SENTINEL will have a detailed auditing capability that will be integrated with the existing Enterprise Security Operations Center (ESOC), and audit logs will be reviewed regularly. There is also a risk that, with the “single sign on” capability planned for SENTINEL, authorized SENTINEL users will thereby gain access to other interfaced systems to which they should not have access. This risk will be mitigated by preserving role-based access controls to these interfaced systems. Permission will be needed for access to various internal systems and that permission will not be granted without a need to know and appropriate training. Finally, there is always the risk that trusted authorized users will betray that trust and misuse the data to which they have access. That risk will be mitigated by extensive supervisory controls—including a supervisor’s enhanced ability to more effectively monitor a subordinate’s workload—as well as a robust auditing program. The following are examples of role based access controls in place:

A. General roles and privileges:

1. Supervisor - Assign leads; approve documents; view squad current workload.

2. Evidence Control Technician – manages evidence (charge in / out; inventory; disposition).

3. Organization Unit Administrator (OU Admin) – manage lead routing rules for their offices; make office squad assignments).

4. Lead Manager – re-route leads within their office.

5. Operational Support Technician (OST/Admin) – upload externally approved documents.

6. Non-FBI (Contractor; TFO) – view case info based on case classification rules.

>>10504111

Users will directly access the SENTINEL application through their FBINET workstation. SENTINEL supports single-sign on. After logging into FBINET, an authorized user will launch the SENTINEL application by clicking on the desktop SENTINEL icon. An authorized user’s FBINET (Active Directory) identifier will be passed to the SENTINEL application for authentication. The application will first verify that the FBINET user id has an active SENTINEL account before assigning roles and allowing the user the appropriate access to the application. Not all FBINet accountholders will have SENTINEL accounts. All FBI employees (including both agent and support personnel) will be granted SENTINEL accounts. Other FBI personnel (including contractors and task force officers (TFOs) must have their access request approved by an FBI supervisor and must be granted an Accessor ID (ACID). Similarly, authorized other government agency (OGA) personnel must have their access request approved by an FBI supervisor and must be granted an ACID. Contractors, TFOs and OGA personnel with ACIDs will be assigned into role-based access groups and be provided limited access to case information in SENTINEL based on FBI policy. Any new FBI employee will be automatically granted access to SENTINEL when they are provided an FBINET account. System Access Requests (SARs) for approving SENTINEL accounts for any new non-FBI personnel will be processed through the existing Enterprise Process Automation System (EPAS).

As described above, SENTINEL is a case management system and enables FBI employees the ability to create case documents and submit them through an electronic workflow process. Supervisors, reviewers, and others involved in the approval process can review, comment, and approve the insertion of documents into appropriate FBI electronic case files. Upon approval, the SENTINEL system serializes and uploads the documents into the SENTINEL repositories, where the documents will become part of the official FBI case file. SENTINEL will use the FBI’s public key infrastructure (PKI) services to apply digital signatures on electronic documents that will become a part of the official case file. The digital signature ensures information authenticity, integrity, confidentiality, and non-repudiation guarding against improper information modification or destruction of official records. Any SENTINEL user who does not have a PKI card or personal identification number (PIN) will still be able to search for information in SENTINEL, based on their access privileges. However, they will not be able to digitally complete or sign documents in SENTINEL.

>>10504111

AUDIT OF THE STATUS OF THE

FEDERAL BUREAU OF INVESTIGATION’S

SENTINEL PROGRAM

Download link to pdf.

https://oig.justice.gov/reports/2014/a1431.pdf

More.

SENTINEL AUDIT V: STATUS OF

THE FEDERAL BUREAU OF

INVESTIGATION’S CASE

MANAGEMENT SYSTEM

U.S. Department of Justice

Office of the Inspector General

Audit Division

Audit Report 10-03

November 2009

http://www.usdoj.gov/oig/reports/FBI/a1003_redacted.pdf

>>10504202

Sentinel is a software case management system developed by the US FBI with the aim to replace digital and paper processes with purely digital workflows during investigations.[1] There was a previous failed project called Virtual Case File.

The project started in 2006 with a $425 million budget. After several delays, new leadership, a slightly bigger budget, and adoption of agile software development method,[2] Sentinel was completed under budget and was in use agency-wide on July 1 2012.[3]

An audit of the program in 2014, two years after completion, revealed ongoing issues with Sentinel's search function, with only 42 percent of surveyed FBI employees indicating that they often found results they needed.[4][5] In spite of this, the audit was broadly positive, and found that most FBI employees reported that Sentinel enhanced their ability to enter and share case information.

https://web.archive.org/web/20120402215006/http://www.informationweek.com/news/government/enterprise-apps/232800018

http://www.fiercegovernmentit.com/story/fbi-puts-sentinel-hold/2010-03-21

http://www.informationweek.com/applications/fbis-sentinel-project-5-lessons-learned/d/d-id/1105637?

https://www.newsweek.com/fbis-expensive-sentinel-computer-system-still-isnt-working-despite-report-272855

https://oig.justice.gov/reports/2014/a1431.pdf

Lockheed Martinhas ties to FBI sentinel

FBI turns troubled into triumph with Sentinel system

https://www.federalnewsnetwork.com/ask-the-cio/2012/08/fbi-turns-troubled-into-triumph-with-sentinel-system/amp/

Lockheed Martin Awarded FBI Sentinel Contract

$305 million Program to be the centerpiece of FBI's IT Infrastructure

https://news.lockheedmartin.com/2006-03-16-Lockheed-Martin-Awarded-FBI-Sentinel-Contract

Sentinel acronyms

ACRONYMS

ACS Automated Case Support

BMT Business Management Team

BPR Business Process Reengineering

BPMS Bureau Personnel Management System

COTS Commercial Off-The-Shelf

CPM Critical Performance Measures

EC Electronic Communication

EDS Enterprise Directory Services

EVM Earned Value Management

FBI Federal Bureau of Investigation

FD Field Document

FOC Full Operating Capability

GAO U.S. Government Accountability Office

IAM Identity Access Management

IT Information Technology

ITIM Information Technology Investment

Management

ITOD Information Technology Operations Division

IV&V Independent Verification and Validation

LCMD Life Cycle Management Directive

O&M Operations and Maintenance

OCM Organizational Change Management

OIG

OMB

Office of the Inspector General

Office of Management and Budget

PIT Program Integration Team

PKI Public Key Infrastructure

PMO Program Management Office

POA&M Plans of Action and Milestones

RIA Report of Investigative Activity

RMD Records Management Division

SACS Security Access Control System

SDU Systems Development Unit

SEP Sentinel Enterprise Portal

Mueller

Is involved

Office of the Inspector General Audit Approach

The OIG conducted this audit to assess Sentinel’s functionality, its impact on

the FBI’s efficiency, and the FBI’s ability to share information. We also examined

Sentinel program costs incurred and budgeted, and system improvements

completed and planned since Sentinel was deployed. We interviewed Sentinel

users and conducted a survey designed to gather information about system

deployment, system usage, ease of use, the quality of training, and whether

Sentinel users were satisfied with Sentinel and viewed it as an improvement over

ACS. We sent the survey to 2,513 FBI employees and we received 1,150 responses

to the survey.

To optimize and customize our surveys for the appropriate audiences, we

interviewed Special Agents, Supervisory Special Agents, Operational Support

Technicians (OST), Support Services Technicians (SST), Intelligence Analysts,

Electronic Surveillance (ELSUR) Technicians and Evidence Custodian Technicians

(ECT), and other personnel in field offices and FBI headquarters. Because Sentinel

users with different job titles require different functions of Sentinel, we deployed

four different versions of our survey according to job title: (1) Special Agents;

(2) Supervisory Special Agents; (3) ECTs, ELSUR Technicians, and Operational

Support Technicians; and (4) All Other Positions.17 In addition, to track further

enhancements and developments on Sentinel, we interviewed the Sentinel Project

Manager and Chief Technology Officer, the Chief Information Officer, Sentinel Lead

Developer, the Information Technology Engineering Division Assistant Director, and

additional Special Agents. Finally, we reviewed Executive Steering Committee

minutes and the release notes for each build of Sentinel.

15 Delta is the FBI’s confidential human source management system and iData is the

Intelligence Data Association and Tagging application.

16 Sentinel 1.5 is a development effort to add functionality to Sentinel that will support the

specific needs of the FBI’s Intelligence Analysts. Development of Sentinel 1.5 began in October 2013

and is scheduled to be deployed in October 2014.

17 For the All Other Positions survey, respondents were asked to identity their job titles. The

Intelligence Analyst position represented 28 percent of the participants who completed the All Other

Positions survey.

As part of our audit follow-up process, we also assessed the FBI’s efforts to

implement corrective actions in response to our prior recommendations and

determined that all of these recommendations have been adequately addressed.

Appendix I contains a more detailed description of our audit objectives, scope, and

methodology.