In October, ghosts and goblins come to life as decorations on front lawns and as candy-seeking children knocking on our doors. But stepping away from the frivolity of Halloween, October has also become a time for us to reflect on the real threats we face year-round when it comes to our data, identity privacy and online security.
National Cybersecurity Awareness Month (NCSAM), spearheaded by the Department of Homeland Security (DHS), is a "collaborative effort between government and industry to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to be safer and more secure online." This year's theme is Own IT. Secure IT. Protect IT. Programs around the country will address topics including citizen privacy, securing consumer devices, and eCommerce security.
More than IT professionals talking to one another, NCSAM aims to reach out to the public to emphasize personal accountability and educate people about the importance of taking proactive steps to enhance cybersecurity at home and in the workplace. The NCSAM website has some handy guides that can be shared to educate people on these actionable steps.
As cloud gains momentum as a platform for government IT, the one-size-fits-all solution is becoming obsolete. Government organizations require unique solutions to suit their specific needs, which is why understanding the cloud platform options is the first step to making the change to the cloud. Initially, there were public clouds hosted completely off government sites by a third party (like Google or Amazon Web Services). Then came private clouds, infrastructure and networks designed as a cloud but only available to a closed loop of individuals. Private clouds are hosted on-premise by the government entity they were built for. Now, there is a third type of cloud implementation that is proving to be the most popular and most attractive to government agencies - the hybrid cloud.
Hybrid infrastructures mean that some elements are hosted in a cloud (either public or private) while others are managed on-premise. There is a connection that allows all systems to work seamlessly. This set-up alleviates security concerns and helps organizations maintain tight control over critical applications.
Additionally, a hybrid environment helps avoid vendor lock-in. As agencies found with hardware, becoming an all "one vendor" shop has drawbacks. While going with a single IT vendor can have initial cost savings and economies of scale, in the long run, agencies grew frustrated when that one vendor could not innovate quick enough or provide the support they needed. Agencies are wary of falling into the same trap with cloud providers and look to spread out their applications across several platforms. This allows them to pick the cloud infrastructure that works best for that particular IT solution. There are hybrid cloud management tools that "abstract away many of the common features offered by different cloud providers" making it easier to manage multiple clouds. Continue reading
There's a huge buzz and movement about opening up government. There are three phrases that are used frequently in relation to openness in government but each mean something a bit different.[Tweet "The focus on openness is changing the way IT is designed, developed, and implemented. #GovEventsBlog"]
- Open Government - This is a core tenant of our democracy, the belief that citizens have the right to access the documents and proceedings of the government to allow for effective public oversight. While this has always been a practice of government (via the Freedom of Information Act), with the move to digital records the way people want to receive and the way the government can share information has changed dramatically.
- Open Data - This is data that can be freely used, re-used and redistributed by anyone. Much of the information the government holds should be open data, but giving people the access they require has been a stumbling block to open government.
- Open Source - This is the technical piece of the "open" puzzle. Open Source is software for which the code is made freely available and may be used and changed. Open Source solutions allow people to not only get at the data but also work with that data in new ways.
Amazon Web Services (AWS) recently announced a newly developed "secret region" in their cloud, specifically made to host federal data up to the secret level of security classification--the second-highest level behind top secret. Amazon had previously offered only a top secret region, but this new offering now allows for any sensitive data to be stored in the commercial cloud. According to Amazon, "The U.S. Intelligence Community can now execute their missions with a common set of tools, a constant flow of the latest technology and the flexibility to rapidly scale with the mission." Microsoft Azure also has a similar offering.[Tweet "AWS newly developed "secret region" in their cloud to host federal data. #GovEventsBlog"]
The government's adoption of cloud technology started with administrative and low-risk data and applications - service workflow solutions with Salesforce, email platforms, and video conferencing. As evidenced by the work put into securing the cloud for sensitive data, commercial cloud providers see a need and profitable revenue stream with government customers. Continue reading