While government might seem behind the times as Americans are already accessing massive amounts of data through their cell phones, smart phones and other Internet-connected devices, the “Federal Executive Insights on Mobility in Government”opening panel for FOSE 2011’s Enabling the Mobile Government Workforce session track showcased how agency officials view their data and what they’re doing to get that data out to you.
NSA’s Troy Lange, speaking on a panel at FOSE, Federal Executive Insights on Mobility in Government.
This session gave FOSE 2011 attendees a new look inside the mobilization efforts of govenment. Here are a few key points that were made:
- Mark Day, Chief Technology Officer at Department of Housing and Urban Development (HUD), said that data about the housing market is important to get out to the public. Mobile applications, for example, can allow people to help flooding victims find rental properties. On the whole, mobile applications / platforms are available. The real challenge is getting the data to those applications. HUD, said Day, wants to be device agnostic. The challenge is presenting data that people can use. Day stressed the need to partner more with the private sector to make use of existing platforms to get data out there.
- Tim Schmidt, Chief Technology Officer at Department of Transportation (DOT), echoed what Day said about the need to get the data out there. He said that the focus is on making content more rational so it can reach multiple devices. DOT wants to get applications and data to the market quickly. Schmidt also discussed new mobile technology, like the IntelliDrive program designed to enable cars to communicate, so drivers can know where all cars are on the road. Mobile has great potential to improve road safety
- Gloria Richmond, Air Traffic Control Communications Administrative Telecommunications Manager at Federal Aviation Administration, talked about the FAA’s move to a VOIP (voice over IP) structure, which gives their workforce more mobility. She said that mobilizing those who work on keeping the flying public safe by getting them “into the field” is a significant step forward.
- While all the panelists talked about the availability of technology and the need to get data and information out and available to the public, each stressed the need for security.
- Troy Lange, Mission Manager for Mobility at the National Security Agency, talked about how good mobile technology can be used for malevolent purposes. For example, how do you stop rouge transmissions that interfere with a system like IntelliDrive? How do you prevent terrorists or other hostile individuals from stealing government assets (mobile devices) and being able to use them? At the end of the day, Lange said that “we have to come up with a way to make things secure and balance that with the user experience.”
In terms of mobility in government, it is clear that the heads of government agencies want to get make their data available for public consumption and to work more closely with the private sector. The government wants to get information to market faster, and not be in the business of developing new technology platforms.
Perhaps the greatest challenge, however, rests on the government’s desire to offer a positive user experience, while maintaining that delicate balance with security.
FOSE 2011: Cartwright Stresses Digital Modernization, Competitiveness as Keys to Military and Government
There will be more than a few perspectives offered today on U.S. Marine Corps General James “Hoss” Cartwright, vice chairman of the Joint Chiefs of Staff’s “Competitive Advantage for the Warfighter” opening keynote at FOSE. In listening to the General speak I found that he sounded at times like a chapter out of Alvin Toffler’s The Third Wave, talking at length about the need for digital modernization and a departure from industrial era thinking.
General James E. Cartwright, USMC, delivers the opening keynote at FOSE 2011
Key points from General Cartwright’s opening keynote:
- We are faced with a $15 trillion deficit. Even if we shut down the DoD for 10 years we would still not pay that off. The financial realities coupled with our moving from an industrial age to a digital age present significant challenges.
- “What are the implications of social media?” Cartwright says the DoD needs to understand social media better. One person’s collaboration tool is someone else’s weapon. So, what does social media mean to the military? How do you deal with it across the globe? As an example, he talked about the “Arab Spring.” In Egypt and elsewhere, you have large groups of people massing quickly through social media, but they have limited decision-making ability. How do you respond to that? This is a challenge for the military going forward.
- In his view, the cyber command is critical. But Cartwright stresses that we cannot keep it isolated – people have to know what technology assets are at their disposal. Perhaps General Cartwright’s most controversial comment was that the DoD is “in the Stone Age.” But he emphasized that he’s the type who is never happy with the way things are.
- DoD needs to find ways to modernize more quickly and efficiently. He again touches on the idea of moving from the industrial age or factory model of production / development to a more technologically sophisticated approach. One would think that this applies to the acquisition process in the government as a whole – not just DoD.
- “People will tell you the solution to everything is the cloud. It’s not.” Yet, he does believe the cloud is a huge leveraging tool. But at the end of the day, the DoD has the processing power and storage. The challenge is moving that data around and making it mobile, while keeping it secure.
- Another key set of comments from Cartwright were on culture. He said that culture bias in government and the military creates challenges to progress. People are used to doing things a specific way. Some culture changes have not lasted, and people have reverted back to the old ways of doing things that are not optimal for the modern age. Cartwright stressed, “Perfect information late is useless.” Regardless, Cartwright does believe that “diversity will always carry this nation further” than one inventor.
With so much buzz around cloud computing and server security, I went where GovWin, the government and countless other companies go to get answers: Carpathia Hosting.
Michael Fox, director of public sector for Carpathia, and I had a chance last month to sit down and talk at their headquarters in Dulles, Virginia. I asked what he thinks about government cloud initiatives and what Carpathia is doing in the government space.
Is the cloud a fad? Is cost efficiency a driver for success? What about security? Hear Fox’s response in the embedded video below:
- On the General Services Administration: “GSA, I believe is really trying to blaze a trail… GSA has really gotten out in front to, in effect, answer the question, ‘How do you certify a cloud environment?'”
- “The real long pole in the tent is whether the government will adopt [the cloud] because of the security and data integrity perspective. If we can answer that question, and they are comfortable with putting those environments into these outsourced solutions, I think it will be a snowball rolling down the hill.”
- “I do agree that cloud is more complex. The management of it is more complex, you have more areas to focus on. However, in general, you’re doing the same things in the cloud as you’re doing in a dedicated or in-house environment.”
Background on Carpathia Hosting
Carpathia Hosting is a leading provider of managed hosting services, delivering secure, reliable and compliant IT infrastructure and management for some of the world’s most demanding enterprises and federal agencies.
I was aware of Carpathia before I joined GovWin.com, and even prior to my days as a technology reporter for dcTechSource. Carpathia has a strong reputation in the Washington, D.C., region as a hosting and cloud provider and technology leader.
The company was founded in 2003, and has grown to provide enterprise hosting solutions including collocation, managed services and cloud computing.
For more information, visit Carpathia Hosting at: http://carpathia.com
There is no doubt that high-profile security breaches in the public and private sector shine a bright light on the importance of addressing network vulnerabilities. However, online and network security is not something just for government agencies, prime contractors and big, high-profile companies, but for smaller enterprises as well.
Why Would Anyone Hack MY Network?
The truth of the matter is – every company has customer lists, financial records and other data worth stealing. In addition, government contractors have been specifically targeted, starting with the largest contractors and moving down to smaller ones.
In fact, because you are a small to mid-sized business, you may be a more inviting target for skilled hackers and scam artists, who may see you as less-protected, or because you’re viewed as a stepping-stone to attacking another company or an agency customer.
Being prepared and well-informed is an essential best practice for every company, but especially so for government contractors.
Cybersecurity Tips for Government Contractors
Train Your Employees and Communicate Often
Your company needs to outline a set of basic security practices and train employees about those policies and how they can best protect your company’s network. For example, according to a recent study commissioned by the Department of Homeland Security, 60% of contractor and agency staffers plugged unknown USB drives into their computers, potentially exposing them to malicious programs. (A study by a British secure USB stick manufacturer put it at 76%.) So develop a policy, train your workers and keep data management procedures fresh and top of mind throughout the year.
Use Strong Passwords and Change Them Regularly
As much as we want to use easy-to-remember passwords like a birthday, favorite pet or the street where we grew up, those items (as well as any words found in the dictionary) are the easiest passwords to hack. Tips for creating strong passwords include combining upper and lower-case letters, mixing in symbols and numbers, and formingpassphrases that you can memorize. Also, make sure you change your passwords at least every three months… and don’t use the same password for everything.
Scrutinize The Email You Receive BEFORE Opening
Be careful before you open any email, especially if it is unsolicited. (And especially if it’s before you’ve had your first cup of coffee.) Unsolicited or impersonated email can often be the way cybercriminals gain access to your networks. Remember not to download any files from unknown people or click on any links. The safest bet is to isolate the email and consult with your network administrator. Do not reply to and forward these kind of email messages.
Do Not Open or Share Files Over Instant Messenger
The rules here are similar for email. Though some companies have internal networks, never accept files unless you are expecting them or know who is sending the files.
Install Antivirus, Antispyware and Security Monitoring Programs on Your Computers
Antivirus and antispyware software are important first steps to protecting your computers. But there are other software tools that provide even higher levels of protection against online data theft. Conduct some online research and speak with vendors to determine how you can monitor your online network. By keeping an eye on your network’s activity, you can react faster to possible breaches in security and close off attacks before sensitive data is lost or stolen.
Make Sure Everyone Receives Operating Systems and Application Updates
All operating systems provide regular security updates and patches for errors. Application providers typically provide these as well, especially browsers. Make sure all the users in your network are receiving these updates. If necessary, set scheduled updates on a monthly basis to ensure everyone is running with the latest versions of key software.
Back Up Your Data
Schedule regular backups of your data. This can mean setting up a separate internal network drive available to employees or outsourcing this through a third-party vendor. Automatic updates are helpful to ensure that your key data across the company is backed-up properly. Some companies back up their data nightly, while others do it weekly. Depending on the sensitivity and/or importance of your data, choose the arrangement that works best for your business.
Limit Access to Your Network
It is important to keep access to your networks at a minimum. Do not allow unauthorized people to have access to your server room or vital systems. If you distribute laptops, make sure employees keep them secure. Unused laptops should be stored in a secure location. Also, make sure your WiFi network (if you have one) is not open for the general public. Lastly, you will want to limit employee access to data and information, and limit authority to install software to system administrators. This will reduce the likelihood of malicious software or illegal software being installed on your company’s property – thereby reducing downtime to a virus and/or legal liability.
Cybersecurity Articles and Resources
Greenleaf Integrative Strategies Develops Programs To Address Stress Challenges at USAID and Across Government
I had the chance recently to interview Dr. Siddharth Shah, medical director at Greenleaf Integrative Strategies, about what his company is doing for federal agencies, including the U.S. Agency for International Development (USAID).
Greenleaf’s mission is to help government agencies understand their stress challenges and co-create stress control programming that best meets needs. At USAID, for example, Greenleaf has built a program to assist agency employees who work in demanding environments.
Take a look at the interview, embedded below:
Background on Greenleaf Integrative Strategies
Greenleaf provides practical and actionable trauma-informed resiliency training to federal agencies and their workers to mitigate psychological trauma’s negative effects. Workers learn to appreciate the neurobiological response to extreme stress, apply tools for self-monitoring and evolve skills to thrive in the midst of crisis, vicarious trauma, burnout and critical incidents.
When I was first introduced to Greenleaf, I recognized their importance to government agencies. But their value transcends government and applies to the private sector, non-governmental organizations, and much more.
As a contractor to government and other service providers, Greenleaf creates cutting-edge training modules and table top exercises to bolster workers who are managing challenging circumstances. Modules are tailored to address the diverse cognitive styles, cultures and roles that constitute these agencies, providing a roadmap for resilience. Resilience to stress and challenging work environments, in my view, is a significant component to better mental and physical health, as well as productivity.
According to Dr. Shah, Greenleaf’s preventative care approach allows workers to:
- Prevent conditions before they ever become a problem
- Detect symptoms that would otherwise be overlooked
- Mitigate damage to speed recovery
“This knowledge,” according to Dr. Shah, “serves to lessen harm to people in the line of duty and maintain the quality of operations.”
For more information, visit Greenleaf at: www.greenleaf-is.com