Tag Archives: Security

Formalizing the Future of Cloud in Government

Posted on by

In one of its first acts, the 117th Congress passed the FedRAMP Authorization Act. This bill codifies the Federal Risk and Authorization Management Program (FedRAMP) and, in the process, speeds up the time it takes for cloud solutions to be implemented in the Federal government. Currently, cloud solutions must frequently gain separate authority to operate statuses for each agency where they are used. This bill looks to have the General Services Administration (GSA) automate processes to promote reciprocity for security validations from one agency to another.

This bill was passed at a critical time for cloud adoption within government as agencies continue to accelerate their digital plans to meet the needs of a remote workforce. While the way has been cleared for "emergency" use of cloud to keep the business of government running, laws and policy like this Act ensure that there is long term support for the move to cloud services.

Continue reading

Security in the “New Normal”

Posted on by

With telework expected to stay long after the pandemic ebbs, government agencies are looking to shore up the remote work solutions they put in place to ensure on premise security measures extend to the dispersed workforce. Multi-cloud environments are the reality for almost every agency. The many applications needed for the diverse functions of an organization require multiple cloud solutions to provide the specific support needed.

A report from Meritalk, Multi-Cloud Defense: Redefining the Cyber Playbook, found that 83 percent of respondents are increasing multi-cloud adoption to support telework and mission needs related to COVID-19. However, 42 percent said their cyber strategies cannot keep up. One part of the challenge is creating a solution that can be applied to the wide variety of endpoint devices and meeting enterprise security requirements.

Continue reading

Artificial Intelligence Gains Energy

Posted on by

The development and use of Artificial Intelligence (AI) became official policy of the United States with the signing of an Executive Order in February. This order outlines and directs America's government-wide push to advance the use of AI through research and public/private partnerships. In the ensuing months, the Department of Energy has emerged as a leader in these efforts.

In September 2019, the DOE initiated the Artificial Intelligence and Technology Office (AITO) to help channel the department's vast resources across its national lab facilities. These efforts are paying off as DOE partners with Health and Human Services and Veterans Affairs as part of the COVID-19 Insights Partnership with the goal to increase data sharing and analysis in the fight against the spread of COVID-19. The DOE is also pressing ahead with private partnerships announcing the First Five Consortium with Microsoft, the Pacific Northwest National Laboratory, and the Defense Department's Joint Artificial Intelligence Center (JAIC). Together they will develop AI-based solutions for data-first responders.

Continue reading

How Identity Management Can Drive Improved Citizen Experience

Posted on by

Citizen Experience is a focus of government agencies from federal to state and local. Governments are working to give citizens the same service experience they get as consumers in the commercial market. A huge piece of this is understanding who the citizen is and creating a "journey" tailored to their needs. This starts with the rather technical and security-minded practice of identity management.

Traditionally, identity management has been viewed as a way to enable access to systems for a workforce. It is the practice that assures that the proper people have access to the technology and systems they need. If we look at it in the context of citizen service, identity management is more than giving people access to their accounts. It is about giving people and systems that serve citizens insight to how they can better serve each citizen. In fact, a well-thought out identity management strategy can proactively offer applicable programs related to public health and social services.

Identity management is playing a role as part of robotic process automation (RPA) solutions designed to speed up benefits to citizens. In an effort to improve the turnaround time for loan distribution during national crises, RPA can enable a compilation of an applicant's record from multiple systems, channels, and service providers for collection and entry into systems for underwriters to analyze. Identity management is key to achieving 10 to 100 times faster processing, ensuring that the person applying for the aid is who they say they are.

Continue reading

Databases – Evolving at the Speed of Technology

Posted on by

The way we look at and use databases has changed dramatically over the past several years. Starting with data center consolidation mandates and the push to Cloud First and later Cloud Smart, agencies across government have been reinventing how they use and access databases.

DevOps is making an impact on how databases are planned and managed. The continuous updates and faster releases are being applied to database management to make government more agile. It also acts to make government systems more secure. The DevOps process that introduces more automation and continuous improvement means that human-related data errors can be mitigated earlier in deployment processes. Combined with encryption, this approach of granting access to sensitive data to those with the correct permissions can also mask the data in copies of databases used for development and testing.

The potential "downside" of DevOps throughout government is the fact that application developers are being asked to double as database administrators to maintain fluidity in the process and support an agency's rapid release cycle. But, if we recognize this concept of the "accidental database administrator," we can get them the tools to succeed. Software as a Service-based application performance management (APM) is one tool that developers can use to continuously identify performance and availability issues leading to proactive reporting of matters that may be "beyond their pay grade."

Continue reading