A big merger, a more-private HealthCare.gov and still more Clinton email questions

Dell to buy EMC in $67B deal

Two of the largest players in the enterprise IT space are joining forces and bringing together some of the biggest names in hardware, security, virtualization, cloud, networked storage and more.

At $67 billion, Dell's acquisition of EMC is the largest ever in that sector. Dell's hardware business and computing services will be joined by EMC's VMware, RSA and LenovoEMC. Control of VMware, the cloud and virtualization offering that is widely used in government, is a key driver of the deal. Valued at about $33 billion, VMware is a public company, but the combined Dell/EMC entity will own more than 80 percent of its stock.

Storage is also a big factor. The combined company will control about 30 percent of that market, according to a Bloomberg report.

Dell has been privately held since 2013, after a $19 billion stock buyback led by founder and CEO Michael Dell. He will lead the combined firm, assuming the deal clears any regulatory hurdles.

CMS adds privacy protections to HealthCare.gov

As the third open-enrollment season for health insurance through HealthCare.gov kicks off Nov. 1, the agency responsible for the website's operation has added new privacy protections.

The site has a new privacy manager, and it supports a "do not track" browser setting designed to exempt users from online ad tracking, said Kevin Counihan, Marketplace CEO at the Centers for Medicare and Medicaid Services, in an Oct. 9 blog post.

CMS also has updated its privacy notice with information on the tools, and "we tried to make the policy easy to navigate while also being a lot more specific," he said.

Counihan added that the privacy manager tool, available through the "Privacy Settings" link at the bottom of the HealthCare.gov page, makes it easy to opt in or out of the different types of third-party tools HealthCare.gov uses -- such as the agency's own advertising outreach, analytics and social media.

Users who opt out will still have access to everything on the site, but the agency won't use information from their visits to analyze the site's technical performance or use digital advertising to provide information such as deadlines, he said.

Users who select the "do not track" option will be excluded from data collection and tracking by HealthCare.gov, Counihan added.

Clinton email server had remote control vulnerability

Hillary Clinton's private server, which facilitated the personal email address she used instead of a State.gov address during her tenure as secretary of State, was connected to the Internet in an unsecure fashion, the Associated Press reported Oct. 13.

An unauthorized user could control Clinton's server using Microsoft's Remote Desktop Services, and the machine lacked the protection of an encrypted virtual private network connection. AP based its findings on a review of an anonymous hacker-researcher's 2012 Internet "census," which twice scanned Clinton's home network. It wasn't the first time someone inadvertently stumbled on her semi-secret email situation years before it became the focus of a media frenzy.

Justin Harvey, chief security officer at Fidelis Cybersecurity, told AP the remote access revelation indicates that Clinton's IT team violated "the most basic network-perimeter security tenets: Don't expose insecure services to the Internet."

The National Institute of Standards and Technology had warned about the vulnerabilities of exposed server ports in 2008.

Clinton has maintained that her server was well protected but has not offered a detailed account of safeguards.

Bryan Pagliano, Clinton's private tech adviser, has invoked the Fifth Amendment to avoid answering questions about the setup, AP noted.

CACI nabs sole-source Cyber Command task order

U.S. Cyber Command has awarded a yearlong sole-source task order to CACI to provide technical assurance, IT, research and development, and evaluation services. The previous contract ended Sept. 30 with the conclusion of fiscal 2015. Command officials said they made the award to CACI “to ensure continuity of services.

The sole-source basis was necessary because “only one source is capable of providing the services at the quality required because the supplies or services required are unique or highly specialized,” officials said.

The task order comes as Cyber Command plans a larger, consolidated acquisition vehicle. The command has five contracts that use various contracting vehicles, and officials want to eliminate redundancies that might arise from that arrangement.

To that end, the command issued a request for proposals in May to streamline its acquisition of cybersecurity capabilities but withdrew the solicitation “due to extensive vendor questions and concerns,” officials said. The command went back to the drawing board and is now looking to award the consolidated acquisition vehicle in April 2016.