The 3 Key Steps to Successfully Implement the DATA Act

By Dick Gregg // February 6, 2015

U.S. Treasury Department headquarters in Washington, D.C.
U.S. Treasury Department headquarters in Washington, D.C. // Adam Parent/Shutterstock

Dick Gregg is former fiscal assistant secretary of the Treasury Department and managing director of H.J. Steininger PLLC.

As fiscal assistant secretary of the Treasury Department until last year, I learned firsthand how challenging it is for the U.S. government -- one of the largest, most complex organizations the world has ever known -- to achieve major transformations.  

But I also saw the benefits such change can bring to our government when fully adopted.  

For instance, at Treasury we replaced over 30 separate payment-processing systems with a standardized system that manages more than 1 billion payments every year. That standardization was hard to achieve, involving many agencies besides Treasury. It took years, but it saved money and greatly improved the automated controls to ensure these important payments are made accurately and on time.  

The unanimous passage of the Digital Accountability and Transparency Act last year requires the Treasury Department to undertake one of its most ambitious management and technological transformations yet: Treasury and the Office of Management and Budget must work together to adopt governmentwide data standards for all federal spending information, transforming federal spending into open data.  

The DATA Act calls for Treasury and OMB to announce the new ...

Wearables Bring New Sense of Fashion to Public Sector

By Chuck Brooks // February 5, 2015

Chris Pizzello/AP

Chuck Brooks is vice president and client executive of Department of Homeland Security for Xerox.

“I can’t imagine my life without it.”

A common statement when people talk about their smartphone, no matter their age. It’s true; it’s hard to remember life without these devices available at our fingertips. Some would insist they are no less important than our eyes, ears, hands or feet, or so it seems. 

Times are changing and we are in the midst of a smart mobility explosion with endless possibilities. While smartphones, tablets and similar mobile devices remain prevalent, there is a new generation of technology coming that will rock the boat in terms of how we live our lives and do our jobs within any industry – wearables.

But why is there so much hype around wearables? Data. For every smartphone, tablet, sensor clothing or pair of glasses, there’s a steady flow of information coming and going that can be collected, analyzed and applied to every industry. These insights have the ability to shape the next-generation of work and transform the way work gets done.

Its adoption has begun to spread beyond the private sector to government agencies, public safety, health ...

Rocketing into the Future: Can Containers Help Secure the Cloud?

By Dominic Delmolino // January 30, 2015


Dominic Delmolino is vice president for systems architecture and engineering at Agilex.  

As my colleague, Roger Baker, noted in his recent Nextgov article, commercial clouds are more secure than ever, surpassing the security of most government data centers. Unfortunately, that strong security has defined limits, resulting in a shared security responsibility.

While cloud providers offer solid tools for network and application security, individual cloud applications and servers still need to be secured by IT professionals, many of whom are still coming up to speed on cloud security tools and concepts.

Creating and launching a secure cloud server isn’t easy, and the work that goes into making a cloud server that balances developer demands for instantaneous creation against operational security is often underappreciated.

At one of my customers, the operations group has been able to create a reasonably useful and secure cloud server image that starts up in about 30 minutes. During the startup process, the server ensures it has the latest vulnerability patches and security updates, registers itself with intrusion detection and virus scanning services and links up with central logging and monitoring servers. The result is an approved, secure cloud server that can be used to host production ...

Why Commercial Clouds are More Secure than Federal Data Centers

By Roger Baker // January 5, 2015


Roger Baker, former chief information officer for the departments of Veterans Affairs (2009-13) and Commerce (1998-2001), is currently the chief strategy officer at Agilex. 

Ever since the Office of Management and Budget issued its cloud first strategy in 2010, the security of cloud offerings has been a major concern for federal IT managers. It is the primary reason the largest share of cloud expenditures in government has been on private clouds. 

These dedicated offerings are viewed as providing a better fit to existing information security models, as agencies can exert more control over the internal architectures and processes of the private cloud.

In contrast, agencies have believed that commercial cloud offerings were not secure enough for their applications, especially those requiring "high" protections under the Federal Information Security Management Act.

But time and investment by the private sector have turned that belief into a canard. The government’s own FISMA audits provide the primary proof. These audits observe widespread issues with configuration control, patch management, unsupported versions of hardware and software, disaster recovery and numerous other vulnerabilities.

Commercial cloud vendors aggressively avoid these problems as a fundamental part of their business model. They must constantly update their offerings to remain ...

3 Reasons Why Open Source Means Better Security

By Olivier Thierry // January 2, 2015


Olivier Thierry is the chief marketing officer of Zimbra, a maker of open source collaboration software.

The last time you were online, did you click “Remember me” when a website prompted you to save your login information?

The answer is probably yes, and it was likely motivated by convenience. Many U.S. consumers and business professionals think they’re protecting the security of their bank accounts and personally identifiable information, when really their habits of keeping credit cards on file, hosting free email in the cloud and storing passwords on websites or apps are putting this critical data in jeopardy.

In the wake of major security breaches and attacks on businesses and governments in 2014, both sectors in the U.S. and abroad are identifying and cracking down on the security policies that created these issues in the first place.

For example, a recent report by the Ponemon Institute and Zimbra shows that just as many U.S.-based organizations fail to enforce security and data privacy protocols as those succeeding, while 75 percent of business employees frequently use unauthorized messaging and collaboration applications.

While these habits have dire consequences for private and financial industries, risks in governments impact national ...