Digital Forensics 101

The digitization of records and processes across government increases the need for sound digital investigation tools and processes. Whether it is looking into a data breach or gathering information for litigation, organizations are spending a lot of time culling through this data to get answers to pressing issues. An IDG survey found that a vast majority of organizations conduct digital investigations on a weekly basis. These investigations range from proving regulatory compliance, security incident response (including post-event analysis), and stopping high risk employee behavior (acceptable use violations).[Tweet "A look at digital investigations with Tod Ewasko, Director of Product Mgmt. at AccessData. #GovEventsBlog"]

We sat down with Tod Ewasko, Director of Product Management at AccessData to learn more about the role of digital investigations as a part of everyday IT efforts.

Q: Who "owns" forensics? IT? Legal? HR?

A: The answer is kind of all three. Many people lump forensics in with cybersecurity, but it's really a separate entity. Yes, forensics tools are used to investigate cyber incidents, but they are not preventative. That is what you have the "hunting" tools out there for - watching firewalls and logs for anomalous behavior or activity. Once that is stopped, then the forensics tools come in to make sense of it - to see how it happened and drive the plans to make sure it does not happen again. Forensic tools look beyond the event and gather all data relevant to the systems in question.

Q: Is forensics all reactive then? Continue reading

Are We There Yet? Achieving IT Reform in the Federal Government

In this post, we provided an overview of The Federal Information Technology Acquisition Reform Act (FITARA) and the various other Acts that have been passed to help streamline the procurement and use of IT for a modern government. Even with all of this focus on improving IT infrastructure, compliance with FITARA has been slow. Grades on the self-assessment scorecards are stagnating, and compliance with other related acts has been just as slow. It's easy to agree that government IT needs a boost to meet the expectations of citizens, so why, with all of these incentives and compliance checks in place, is progress so slow?[Tweet "Are We There Yet? Achieving IT Reform in the Federal Government. #GovEventsBlog"]

In an IT and "business" environment as complex as the federal government, there are many reasons for the slow improvement toward FITARA goals. Here are just a few of the challenges agencies are facing in meeting what seems to be "no-brainer" directives: Continue reading

The Data Center Takes Center Stage

The Data Center is at the heart of our information-centric world and as such is key to government IT modernization efforts. Recognizing this, the Federal government introduced the Data Center Optimization Initiative (DCOI) in 2016 that requires agencies to meet specific consolidation, energy efficiency, and cost reduction goals by 2019. This initiative is an extension of and supercedes the Federal Data Center Consolidation Initiative (FDCCI), which focused primarily on reducing the data center real estate footprint. The investigation into data center utilization resulted in the closure of 1,900 data centers and nearly $1 billion in savings. DCOI operates on a similar premise of looking at underperforming data center assets, but extends the examination to energy efficiency and cost impacts. [Tweet "Meeting your #DCOI consolidation, energy efficiency, and cost reduction goals? #GovEventsBlog"]

To stay on track for the 2019 deadline, agencies will have to show they meet the following metrics by September 2018: Continue reading