FedTech Magazine - Technology Solutions That Drive Government https://fedtechmagazine.com/rss.xml en How to Protect Your Agency’s Networks and Users During Telework https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/04/how-protect-your-agencys-networks-and-users-during-telework%22%20hreflang%3D%22en%22%3Eview%3C/a%3E <p>The federal government in recent weeks has seen <a href="https://www.nytimes.com/2020/03/16/us/politics/coronavirus-government-work.html" target="_blank">a surge in teleworking</a>. The current environment is giving agency IT leaders a real-time test case for how to secure large numbers of users working remotely, both now and in the future. </p> <p>As more workers conduct their missions from home or other remote workspaces, that unfortunately gives malicious actors <a href="https://www.washingtonpost.com/news/powerpost/paloma/the-cybersecurity-202/2020/03/19/the-cybersecurity-202-coronavirus-pandemic-makes-u-s-more-vulnerable-to-serious-cyberattack-lawmakers-warn/5e72c66e602ff10d49acf5bc/" target="_blank">a much larger attack surface</a> to <a href="https://www.washingtonpost.com/nation/2020/03/13/federal-employees-may-soon-be-ordered-work-home-that-could-pose-serious-cybersecurity-risks/" target="_blank">target government agencies</a>. </p> <p>For example, <a href="https://www.defenseone.com/threats/2020/03/attacks-dod-networks-spike-telework-brings-unprecedented-loads/163812/?oref=defense_one_breaking_nl" target="_blank">cyberattacks on Defense Department networks</a> increased <a href="https://fcw.com/articles/2020/03/16/dod-telework-cyber-attacks.aspx" target="_blank">over the weekend of March 14-15</a> as teleworking employees put “unprecedented” loads on the military’s computer networks. </p> <p>“They’re already taking advantage of the situation and the environment that we have on hand,” Essye Miller, DOD’s principal deputy CIO, told department employees at a March 16 “virtual town hall.” DOD subsequently blocked access to YouTube for its users, and Miller urged DOD users to only use chat and collaboration services provided by the Defense Information Systems Agency.</p> <p><a href="https://www.whitehouse.gov/wp-content/uploads/2020/03/M-20-19.pdf" target="_blank">In a March 22 memo</a>, Margaret Weichert, the Office of Management and Budget’s deputy director for management, sent a technology-focused memo to agency heads directing agencies to “use the breadth of available technology capabilities to fulfill service gaps and deliver mission outcomes.”</p> <p>An FAQ section of the March 22 memo covers cybersecurity, and notes that “security protocols, requirements regarding the appropriate use of federal resources, and legal requirements are always applicable.” </p> <p>However, agencies are “encouraged to make risk-based decisions as appropriate to meet mission needs as outlined” <a href="https://www.whitehouse.gov/wp-content/uploads/2020/03/M-20-16.pdf" target="_blank">in a separate OMB memo, issued on March 17</a>. </p> <p>Areas of increased focus concerning cybersecurity and privacy outlined in the memo include: </p> <ul><li>Updating VPN components, network infrastructure devices and devices being used to enable remote work environments with the latest software patches and security configurations</li> <li>Providing guidance to employees about how to ensure proper information security and privacy controls are in place when working from alternate locations or home</li> <li>Continuing to prohibit the unauthorized forwarding of government business materials or other information to personal devices</li> <li>Continuing to prohibit the unauthorized usage of social media platforms or any unauthorized devices for government business</li> <li>Confirming that the expanded usage of technology tools is in accordance with appropriate legal considerations and does not violate legal terms of service</li> </ul> Phil Goldstein https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/04/how-protect-your-agencys-networks-and-users-during-telework%22%20hreflang%3D%22en%22%3Eview%3C/a%3E NOAA to Use Cloud and AI to Help Protect Endangered Species https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/04/noaa-use-cloud-and-ai-help-protect-endangered-species%22%20hreflang%3D%22en%22%3Eview%3C/a%3E <p>According to the International Union for Conservation of Nature’s <a href="https://www.iucnredlist.org/resources/summary-statistics" target="_blank">Red List of Threatened Species</a>, the number of species classified as endangered has steadily risen every year for the past 20 years. </p> <p>Part of the wide-ranging mission of the National Oceanic and Atmospheric Administration is to study and protect endangered species, and with the help of <a href="https://www.cdwg.com/content/cdwg/en/brand/microsoft.html" target="_blank">Microsoft</a>, the agency is getting a leg up in doing so. </p> <p>Last month, NOAA and Microsoft announced a partnership for the agency to leverage Microsoft’s artificial intelligence and cloud technology this spring to more easily and accurately identify animals and population counts of endangered species. </p> <p>The tools will be used “to help monitor endangered beluga whales, threatened ice seals, polar bears and more, shaving years off the time it takes to get data into the right hands to protect the animals,” <a href="https://news.microsoft.com/features/artificial-intelligence-makes-a-splash-in-efforts-to-protect-alaskas-ice-seals-and-beluga-whales/" target="_blank">according to a Microsoft blog post</a>.</p> <p>“The teams are training AI tools to distinguish a seal from a rock and a whale’s whistle from a dredging machine’s squeak as they seek to understand the marine mammals’ behavior and help them survive amid melting ice and increasing human activity,” the post notes. </p> <p>Dan Morris, Microsoft’s principle scientist with its AI for Earth program, <a href="https://www.nextgov.com/emerging-tech/2020/02/noaa-use-microsoft-ai-advance-protection-endangered-species/163208/" target="_blank">tells Nextgov</a> that AI tools “empower scientists like our NOAA collaborators to spend less time on tedious data annotation, and more time answering urgent environmental questions.”</p> Phil Goldstein https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/04/noaa-use-cloud-and-ai-help-protect-endangered-species%22%20hreflang%3D%22en%22%3Eview%3C/a%3E How Smart Building Technology Is Shaping Federal Agencies https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/03/how-smart-building-technology-shaping-federal-agencies-perfcon%22%20hreflang%3D%22en%22%3Eview%3C/a%3E <p>A smart building typically looks like a regular building, with bricks and glass windows, but at the heart of <a href="https://fedtechmagazine.com/article/2020/01/tech-behind-smart-building-automation-systems-perfcon">a smart building</a> are sensors that drive building automation. </p> <p>Internet of Things sensors and devices monitor HVAC and lighting, motion, humidity, electrical controls, access control and video security. The data from those sensors then feeds a variety of controllers that can help IT and operations staff automate building management. </p> <p>As the General Services Administration <a href="http://gsa.gov/real-estate/facilities-management/gsa-smart-buildings/advantages-of-smart-buildings" target="_blank">notes</a>, smart buildings lead to “greater tenant satisfaction, reduce energy cost and environmental impact, and decrease operational inefficiencies.” </p> <p>Smart buildings are a growing market. <a href="http://prnewswire.com/news-releases/next-gen-smart-building-solutions-to-generate-over-us2-billion-in-revenues-by-2026-300991630.html" target="_blank">According to ABI Research</a>, the market for smart building solutions will grow at a 32 percent compound annual growth rate over the next eight years to create $2 billion in software and services revenues by 2026.</p> <p>David Eye, a senior consulting engineering architect at <a href="https://www.cdwg.com/search/?key=Schneider%20Electric&amp;searchscope=all&amp;sr=1" target="_blank">Schneider Electric</a>, notes that in the past, building management systems did not monitor factors such as how many people were in a room or entering a building, or other, more granular aspects of a building’s operations. Now, with intelligent building management systems, sensors can gather information on everything from the types of gases in a room to the level of light entering a building and movement in a room. </p> <p>“IBMS can take action based upon the desired optimization from an occupant,” Eye says. “The concern is to be able to drive that occupant’s comfort and safety and security.” For example, some customers may want the windows of a room to become tinted automatically if a certain number of occupants enter it. </p> <p>Government agencies are using smart buildings, and the technologies that undergird them, to drive operational efficiencies and ensure they have reliable sources of energy. </p> Phil Goldstein https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/03/how-smart-building-technology-shaping-federal-agencies-perfcon%22%20hreflang%3D%22en%22%3Eview%3C/a%3E Feds Need to Keep Telework IT Running Smoothly to Maintain Continuity of Operations https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/03/feds-need-keep-telework-it-running-smoothly-maintain-continuity-operations%22%20hreflang%3D%22en%22%3Eview%3C/a%3E <p>Federal agencies often need to maintain critical operations amid emergencies and natural disasters. Keeping users online, ready to work and secure are the cornerstones of any disaster recovery operation. Sometimes, only part of an agency is affected. In other cases, an entire agency may require its staff to work remotely if an office is closed or if transportation is cut off. </p> <p>When government offices are closed for any reason, agencies are faced with the task of maintaining telework solutions and cybersecurity for entire offices, resulting in <a href="https://www.nytimes.com/2020/03/16/us/politics/coronavirus-government-work.html" target="_blank">mass amounts of federal employees working remotely</a>.</p> <p>The essential telework tools — thin clients, VPNs, online meeting platforms, instant messaging, tethering and VoIP — need to function smoothly and be secured. That is going to make the need for adequate network capacity more pressing than ever and is also raising critical questions about how to ensure those users do not compromise agencies’ IT security as they work remotely. </p> <p>Something IT leaders should also keep in mind as they scale up telework capabilities is that they should identify IT administrators who can take over their IT operations management if the executive management team is otherwise unavailable. </p> <p>Sean Torpey, former acting CIO of the Federal Aviation Administration <a href="https://fedtechmagazine.com/article/2019/08/3-business-continuity-and-disaster-recovery-tips-feds" target="_blank">has told <em>FedTech</em></a> that if, for example, the FAA headquarters in Washington, D.C., is damaged, Torpey will pass the baton to an IT leader at the FAA’s aeronautical center in Oklahoma City. Once Torpey reaches either of two backup office locations, he can retake control of the organization. “If I’m down, someone needs to lead the ship. We have people who will take over the responsibility in other areas of the country, so IT can still be running,” he says.</p> Marty Spain https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/03/feds-need-keep-telework-it-running-smoothly-maintain-continuity-operations%22%20hreflang%3D%22en%22%3Eview%3C/a%3E Energy Department and Verizon Partner on 5G Development https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/03/energy-department-and-verizon-partner-5g-development%22%20hreflang%3D%22en%22%3Eview%3C/a%3E <p>5G wireless networks that government agencies can use are no longer theoretical. The Defense Department plans to conduct <a href="https://www.defenseone.com/technology/2020/02/pentagon-wants-start-testing-new-5g-tech-soon/163359/" target="_blank">5G tests at four military bases</a>, with the first experiment expected to take place at Hill Air Force Base in Utah involving spectrum sharing.</p> <p>Nonetheless, many of the benefits and use cases for 5G in government are still hypothetical. They include the U.S. Postal Service leveraging high data rates and expanded bandwidth to more precisely track drivers and packages, the Defense department sending information to warfighters more quickly and the Department of Veterans Affairs beaming data-rich, high-resolution images wirelessly from the imaging room to a doctor working on another floor. </p> <p>To kickstart 5G deployments in government, an Energy Department lab <a href="https://www.pnnl.gov/news-media/pnnl-verizon-bring-5g-national-laboratory" target="_blank">announced earlier this month</a> that it would <a href="https://www.verizon.com/about/news/verizon-business-national-lab" target="_blank">partner with Verizon</a> to explore and test how 5G can be used by agencies. The lab is expected to open by the end of the second quarter, <a href="https://www.nextgov.com/emerging-tech/2020/03/pacific-northwest-national-laboratory-verizon-unveil-partnership-advance-5g/163766/" target="_blank">according to Nextgov</a>. </p> <p>The Pacific Northwest National Laboratory, which focuses on advanced mobile communications research and development, will install Verizon’s 5G Ultra Wideband network at its lab in Richland, Wash. The lab will collaborate with Verizon Business to “develop 5G applications that can benefit everything from chemistry and earth sciences research to the needs of first responders,” according to a Verizon press release. </p> <p>“They can take the smartest people in government that work for PNNL and really ideate and, with their folks on R&amp;D, collaborate with us to explore how 5G can really transform the work that the federal government does,” Mike Maiorana, senior vice president of federal sales at Verizon, <a href="https://www.fedscoop.com/national-laboratory-5g-doe/" target="_blank">tells FedScoop</a>.</p> Phil Goldstein https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/03/energy-department-and-verizon-partner-5g-development%22%20hreflang%3D%22en%22%3Eview%3C/a%3E The Top Mobile Security Threats for Government in 2020 https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/03/top-mobile-security-threats-government-2020%22%20hreflang%3D%22en%22%3Eview%3C/a%3E <p>With vast numbers of federal workers working remotely due to the coronavirus pandemic, mobile security has become even more important than it was before. </p> <p>Mobile security has become a prominent part of agencies’ cybersecurity programs, but there are still gaps in security. What are they, and how can agency IT leadership help close them? </p> <p>Verizon recently released its “Mobile Security Index 2020” report, <a href="https://enterprise.verizon.com/resources/reports/2020-msi-public-sector.pdf" target="_blank">including an entire chapter on the public sector</a>. The report is based on an independent survey of 876 professionals — over 20 percent of whom were from public sector organizations —responsible for buying, managing and securing mobile and Internet of Things devices for their organizations. </p> <p>The report revealed that insider threats, unapproved applications and vulnerabilities in Internet of Things devices are among the chief concerns. The report notes that remediation for these threats varies but includes education and enforcing policies, as well as data encryption and enhanced authentication. </p> Phil Goldstein https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/03/top-mobile-security-threats-government-2020%22%20hreflang%3D%22en%22%3Eview%3C/a%3E The Most Logical Federal Use Cases for DevOps https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/03/most-logical-federal-use-cases-devops%22%20hreflang%3D%22en%22%3Eview%3C/a%3E <p>Agencies are turning to a DevOps methodology to develop applications and increase innovation but face hurdles in increasing adoption of the approach, according to a newly released white paper.</p> <p>The white paper from ACT-IAC, “<a href="https://www.actiac.org/act-iac-white-paper-devops-primer" target="_blank">DevOps Primer: Case Studies and Best Practices from Across Government</a>,” notes that DevOps remains “a small pilot effort on a handful of applications” because it “usually lacks visibility and struggles to the attention and resources devoted to larger initiatives.” </p> <p>The white paper notes that agencies face challenges in deploying DevOps due to “a lack of true executive understanding, buy-in, and support,” leading to many IT leaders and staff working on DevOps to “struggle to define and then meet expectations (both their own and their leaders and appropriators).” </p> <p>However, the white paper outlines ways that agencies have successfully shifted to DevOps, providing a roadmap for their peers as they continue to evolve their strategies. The paper includes case studies from the U.S. Patent and Trademark Office, U.S. Citizenship and Immigration Services, the IRS, the National Museum of African American History and Culture, the National Park Service, and the National Science Foundation.</p> <p>The agencies describe the goals, benefits, approach, lessons learned and next steps that are specific to their unique missions and cultures, and the case studies highlight the possibilities and pitfalls to be avoided.</p> Phil Goldstein https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/03/most-logical-federal-use-cases-devops%22%20hreflang%3D%22en%22%3Eview%3C/a%3E How Agencies Can Manage Cloud Consumption for Optimal Results https://fedtechmagazine.com/%3Ca%20href%3D%22/resources/white-paper/how-agencies-can-manage-cloud-consumption-optimal-results%22%20hreflang%3D%22en%22%3Eview%3C/a%3E <p>The public cloud can simplify IT environments. But what happens when an enterprise’s cloud environment itself becomes maddeningly complex?</p> <p>As organizations across industries have increased their cloud spending and made the public cloud a more integral part of their operations, a number of inefficiencies have cropped up. The sources of these complications range from poor design to a lack of governance, and these inefficiencies can lead to negative outcomes that include cost overruns, lack of visibility into the environment and security vulnerabilities.</p> <p>An effective cloud management strategy can help organizations to manage their environments more efficiently. Such a strategy should include plans to control costs and optimize application performance, as well as to detail who is responsible for which aspects of cloud security.</p> <p>A variety of solutions and services can help organizations to implement and manage this strategy over time. These solutions include cloud management platforms, application and performance monitoring, backup and recovery, and other tools. Many organizations find it helpful to work closely with a third-party cloud management partner with broad and deep expertise managing cloud environments.</p> <p><strong>Learn more by downloading our white paper: "Managing Cloud Consumption for Optimal Results."</strong></p> https://fedtechmagazine.com/%3Ca%20href%3D%22/resources/white-paper/how-agencies-can-manage-cloud-consumption-optimal-results%22%20hreflang%3D%22en%22%3Eview%3C/a%3E How to Ensure Mobile Security as Smartphone and Tablet Deployments Increase https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/03/how-ensure-mobile-security-smartphone-and-tablet-deployments-increase%22%20hreflang%3D%22en%22%3Eview%3C/a%3E <p>Federal agencies have deployed mobile devices, including smartphones and tablets, at an astonishing clip over the past few years to surge in the mobile, usage, technologies and productivity which gives the modern workforce and federal missions the ability and flexibility to complete their work and enhance their agencies’ missions. </p> <p>For example, the Defense Department grew its base of 30,000 mobile users to 120,000 between 2015 and 2018. NASA had more than 70,000 mobile users as of 2018, and the Department of Homeland Security currently has more than 90,000 devices in use. </p> <p>As those figures have grown, so have mobile security concerns. Mobile devices increase the attack surface for agencies and become threat vectors for everything from phishing attacks to ransomware and data exfiltration. Devices can also be used by employees to mount insider attacks. </p> <p>To guard against such attacks, agency IT security leaders need to focus on their mobile strategy, policy and compliance, cybersecurity training, mobile data and application management, secure supply chain, testing of their mobile environment, encrypting data when it is in transit, and restricting access to data. </p> <p>“There’s a lack of appreciation of the risk of mobile devices,” says John Loveland, global head of cybersecurity strategy and marketing at <a href="https://www.cdwg.com/search/?b=VZN" target="_blank">Verizon</a>.</p> <p>“The focus from an InfoSec perspective has been around proacting the network,” he notes. “But as the network edge starts to blur or disappear, you need to be thinking about your assets and the devices that connect in. You need education and awareness.”</p> Sam Lakhia https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/03/how-ensure-mobile-security-smartphone-and-tablet-deployments-increase%22%20hreflang%3D%22en%22%3Eview%3C/a%3E Are Agencies Making Progress on Application Rationalization? https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/03/are-agencies-making-progress-application-rationalization%22%20hreflang%3D%22en%22%3Eview%3C/a%3E <p>Federal agencies are working to rationalize their application portfolios as they move to the cloud. However, discarding older applications or consolidating them into new ones does not mean that agencies will have to stop investing in IT. </p> <p>One of the core tenets of the government’s <a href="https://www.whitehouse.gov/wp-content/uploads/2019/06/Cloud-Strategy.pdf" target="_blank">Cloud Smart strategy</a> is application rationalization, which involves reducing an application portfolio by assessing the need for and usage of apps and a push to get rid of obsolete, redundant or overly resource-intensive applications.</p> <p>“Decreased application management responsibilities will free agencies to focus on improving service delivery by optimizing their remaining applications,” the strategy states. “To support these rationalization efforts, the CIO Council will develop best practices and other resources.”</p> <p>Indeed, last year the Federal CIO Council <a href="https://www.cio.gov/assets/files/Application-Rationalization-Playbook.pdf" target="_blank">released an application rationalization playbook</a>. </p> <p>“Agencies can determine whether the existing ‘as-is’ environment, or a proposed ‘to-be’ configuration is the best fit for their core mission, based on cost, business resiliency and service delivery,” a General Services Administration <a href="https://federalnewsnetwork.com/reporters-notebook-jason-miller/2019/07/application-rationalization-playbook-a-prescriptive-and-flexible-approach-to-the-cloud/" target="_blank">spokesperson tells Federal News Network</a>. “This rationalization process feeds directly into cloud smart decisions. As we streamline existing data centers, efficiency decreases, eventually leading to closure.”</p> Phil Goldstein https://fedtechmagazine.com/%3Ca%20href%3D%22/article/2020/03/are-agencies-making-progress-application-rationalization%22%20hreflang%3D%22en%22%3Eview%3C/a%3E