GOVTek Monthly Newsletter: Issue 71, July 2010

Research & Publications

Who Owns Data in the Cloud?
When government moves data to the cloud, who owns it? And how can it be secured or, in extreme cases, decommissioned? During a panel discussion on Security in Public/Private/Hybrid Clouds, part of the at the Government Technology Research Alliance meeting, everyone involved acknowledged the need to raise the level of trust in the public cloud. Agencies and the public need to be confident that government data is properly secured within the U.S. and can be, if needed, properly destroyed.

The Political Hurdle to Data Center Consolidation
Data center consolidation makes sense economically and as a way to achieve more efficient information technology operations, but cultural and political challenges have to be surmounted at the federal and state levels to make it happen, according to chief information officers speaking at the Government Technology Research Alliance conference.

Continuous Monitoring Guidance Under Way at NIST
Although continuous monitoring practices are hardly new - NIST released its first publication on the subject in May 2004 - the need for more detailed approaches has gained new urgency under Federal Chief Information Officer Vivek Kundra and recent legislative moves to reform the Federal Information Security Management Act, which would make continuous monitoring a requirement.

Forget the Facelift; Enterprise Communication is Headed for an Overhaul: Why Email is a Four-Letter Word in Group Collaboration
Unless you're in the storage business, you've most likely cursed the inefficiency and overabundance of email in your organization. Try to find that last email detailing the final FINAL specs from a member of your development team and the only thing you'll come across is the hair you've lost during the search...and that really funny email with the dog hugging the baby.

IT Strategic Planning
Now more than ever, government IT organizations need IT strategies that are practical, measurable, and achievable. IT strategic planning is intended to help organizations set their
information technology direction in a manner that supports the overall agency strategic plan. Unfortunately, IT strategic planning in many organizations falls far short of being a useful,
dynamic tool for change.

Security Authorization: An Approach for Community Cloud Computing Environments
Cloud computing enables network access to a shared pool of computing resources, such as servers, applications, and networks, which can be rapidly provisioned and released with minimal service provider interaction. Security authorization assesses the security of a system or application by identifying risks and determining which have been mitigated to the extent that the cost to exploit them is greater than the expected gain. When risks cannot be sufficiently mitigated, security authorization can document the residual risks.

Blogtronix Announces the Release of blogtronixMicro
Blogtronix recently released blogtronixMicro, its new micro-engagement platform. BlogtronixMicro is designed to be a truly micro-social platform; which incorporates key multimedia and social networking capabilities from the Blogtronix' main platform. The result is the most complete, and the only truly micro-social platform available which will revolutionize how companies communicate, both internally and with their customers, giving them flexibility to respond to any event either at a workstation or on the go.

Information Security Governance: Government Considerations for the Cloud Computing Environment
Information security governance mechanisms enable organizations to better manage information security. These mechanisms are especially critical when migrating information assets to a cloud computing environment (CCE)-a process federal government agencies are considering because of the numerous benefits possible in a CCE, including reduced costs, on-demand services, and increased deployment flexibility. Operating in a cloud, however, also increases security risks and can complicate legal and compliance issues. So if federal agencies adopt a CCE, they must also invest in an information security governance mechanism.

Continuous Situational Awareness
Situational awareness is the ability to quickly understand environmental variables. The actionable intelligence can drive faster response times, better informed decisions, and higher IT service levels. BigFix provides the pervasive real-time asset visibility that enables an organization to obtain situational awareness into all computing assets, their current state, and all dynamic changes they may be experiencing.

The Open Source Solution
With its involvement in the Eclipse Foundation, and the evolvement of its BIRT - or Business Intelligence Reporting Tools - technology, it's clear that Actuate has fully embraced the Open Source solution. Jeff Morris, Actuate's senior director of product marketing, recently sat down with Perform Magazine to discuss the new world Open Source is opening up for Actuate and its customers.

Enterprise Intelligence and Visualization (EI&V)
How easy is it to access information from across your organization to quickly make informed decisions? Are you searching across multiple data sources to find the data you need? When you find the data, is it in the best format for your audience's use and understanding? Making decisions in today's chaotic, data-saturated silo environment can be an insurmountable task. Yet, government leadership at every level is being pressured to make informed decisions that provide transparency and increase value with fewer resources.

BIRT for Recovery How Open Source is Transforming Government Data into Dynamic Information Ecosystems
On February 17, 2009, President Obama signed into law The American Recovery and Reinvestment Act of 2009 (ARRA), pledging a renewed focus on open government and transparency, and making it clear that in order for efforts
to succeed this renewed focus had to become a top priority at each step of its execution. To provide initial guidance, the White House released detailed documents on Recovery Act transparency and reporting, which broadens the focus beyond funding programs to include details pertaining to how performance information is communicated to stakeholders, and the means by which this may be accomplished.

Cloud-Ready Enterprise Architecture
The rapid growth of Cloud Computing, a style of computing in which scalable and elastic IT capabilities are provided as a service to multiple clients using Internet technologies, has significant promise for federal agencies but requires a coordinated approach to planning and implementation.
The decision to move to a cloud environment is not just technical; rather, organizations need to ensure that their Cloud Computing activities are consistent with and supportive of their business, technical, and security strategies.

NetWitness Announces Partnership with Targaid Trusted Systems
NetWitness Corporation announced today that it has signed a reseller agreement with Targaid Trusted Systems (TTS), a leading South African firm offering integrated IT-security and governance, risk and compliance solutions. This agreement further expands the NetWitness presence across the African continent with specific focus on South Africa, adding the world's most advanced network security solution to Targaid's security product portfolio.

San Joaquin County Office of Education: Smarter, Faster IT Operations with BigFix
The San Joaquin County Office of Education (SJCOE ) is a regional agency whose mission is to provide educational leadership, resources, and service to assist school districts to be effective facilities of learning for all pupils. The 75 SJCOE sites are widely dispersed across the region with various network connection technologies and bandwidth sizes-from VSAT SAT to T1, to cable links. Pushing large software packages and patches to these dispersed systems was challenging-particularly over high latency, low-bandwidth links. Relying on a manual process, it was nearly impossible to validate proper patch installation and a secure system configuration.

Ethical Choices
Ethics plays a crucial role in many industries where professionals deal with sensitive information, from doctors and lawyers to journalists and engineers. But while the basic tenet of ethical codes-"do the right thing"-is universally accepted, each discipline brings countless variables and details specific to its particular industry, requiring unique and evolving guidelines to ensure that the interests of all parties, including society at large, are protected.

Maintaining Continuous Compliance
Meeting regulatory and internal compliance guidelines is a de facto standard practice for IT operations and IT security teams in public and private organizations. IT organizations carry out internal audits on a regular basis plus audits of critical systems and infrastructure annually in accordance with regulations such as FISMA, HIPAA/HITECH, PCI, SOXSOX, and many others. To keep up with the different internal and external compliance audit requirements, IT organizations often find themselves in a reactive mode addressing requirements on a project by project basis instead of as an ongoing, strategic business requirement. This approach brings with it security risks and much higher costs.

$1 Million in Tech Grants Available for Public Sector Legal Departments
In these tough economic times, when governments are fiscally under water, Abacus is giving back to the community by helping under-funded agencies acquire and use valuable technology. With Abacus Legal Technology Grants, public sector legal departments are eligible for either an outright grant (up to $20,000 in direct awards of AbacusLaw software and services), or a matching grant (no maximum specified), to augment related local, state and Federal budgets.

Dr. Suzanne Acar, Senior Federal Data Architect (Enterprise Architecture & Infrastructure Council)
Deedee Akeo, Chief Architect, Business Transformation Agency (Enterprise Architecture & Infrastructure Council)
Lynn Allen, Deputy Chief Information Officer for Business and Technology Modernization, HUD (Security Council)
Dr. Peter Alterman, Senior Advisor for Strategic Initiatives, NIH (Security Council)
Frank Bauer, Vice President for Government Training and Professional Development, Graduate School (Workforce & Leadership Council)
Dr. Scott Bernard, Deputy Chief Information Officer, Federal Railroad Administration, Transportation (Enterprise Architecture & Infrastructure Council)
Andrew Blumenthal, Chief Technology Officer, ATF, Justice (Enterprise Architecture & Infrastructure Council)
Dr. W. Stan Boddie, PMP, CISSP, Professor of Systems & Technology Management, i-College, NDU (Workforce & Leadership Council)
Thomas Boyce, PMP, Deputy Chief Information Officer & Director, Office of Information Services, NRC (CXO Council)
Gayle Bracy, Director, Office of Enterprise Solutions, Treasury
(Enterprise Architecture & Infrastructure Council)
Dr. Barry Brown, Deputy Director, Enterprise Systems Engineer, Customs and Border Patrol, DHS (Enterprise Architecture & Infrastructure Council)
Devon Bryan, Director, Cybersecurity Operations, IRS (Security Council)
Jonathan Cantor, Executive Director for Privacy and Disclosure, SSA (Security Council)
Marian Cody, Chief Information Security Officer, HUD (Security Council)
Colleen Coggins, Chief Knowledge Officer, Interior (Enterprise Architecture & Infrastructure Council)
Doreen Cox, Chief Architect, Director, Enterprise Architecture Branch, Office of Information Technology, Customs & Border Protection, DHS (Enterprise Architecture & Infrastructure Council)
Patricia Craighill, Special Advisor to the Chief, Warfighting Integration, NEXTGEN/JPDO, Assistant Director of Defense, SAF/XC - NEXTGEN,U.S. Air Force (Enterprise Architecture & Infrastructure Council)
Elisa Cruz, Chief Information Security Officer, FEMA (Security Council)
Linda Cureton, Chief Technology Officer, NASA (CXO Council)
Kevin Deeley, Chief Information Security Officer, Justice (Security Council)
Brian Doerk, PMP, Project Manager, U.S. Coast Guard (Enterprise Architecture & Infrastructure Council)
Steve Elky, Chief Information Security Officer, Library of Congress (Security Council)
Rich Ferguson, Chief Information Officer, Federal Labor Relations Authority (CXO Council)
Frederic Foley, Chief Architect and Director of Enterprise Architecture, U.S. Coast Guard (Enterprise Architecture & Infrastructure Council)
Ylanda Ford, Director, Enterprise Architecture, OCIO, HUD (Enterprise Architecture & Infrastructure Council)
Christopher Fornecker, Chief Technology Officer, Integrated Acquisition Environment, GSA (Enterprise Architecture & Infrastructure Council)
Sharon Fratta-Hill, Ph.D., VP of Academic Programs and Distance Education, Graduate School (Enterprise Architecture & Infrastructure Council)
Christopher Garcia, Director, Cyber Security and Incident Response Center, FAA (Security Council)
AJ Germek, Assistant Deputy Special Inspector General, CIO for the Troubled Asset Relief Program, SIGTARP, Treasury (CXO Council)
Ned Goldberg, Chief Information Security Officer, FDIC (Security Council)
Peter Gouldmann, Security Architect & Knowledge Officer, Office of Information Assurance, US Department of State (Security Council)
Ken Griffey, Chief Information Officer, Stennis Space Center, NASA (Enterprise Architecture & Infrastructure Council)
Ira Grossman, Chief Enterprise Architect, FEMA (Enterprise Architecture & Infrastructure Council)
Chris Hardy, Director, e-Learning and Technology Center, DAU (Workforce & Leadership Council)
Brad Harshman, Chief Enterprise Architect, National Nuclear Security Administration, Energy (Enterprise Architecture & Infrastructure Council)
Randolph C. Hite, Director, IT Architecture & Systems Issues, GAO (Enterprise Architecture & Infrastructure Council)
Jerry Horton, Chief Information Officer, US Agency for International Development USAID (CXO Council)
Patrick Howard, Chief Information Security Officer, NRC (Security Council)
Marlene Howze, Chief Architect/Enterprise Architecture Program Manager, Labor (Enterprise Architecture & Infrastructure Council)
Jack Israel, Chief Information Officer I&A, DHS (Security Council)
James Johnson, Chief Information Officer, Congressional Budget Office (Enterprise Architecture & Infrastructure Council)
Richard Klemmer, Chief Enterprise Architect, NTIA, Commerce (Enterprise Architecture & Infrastructure Council)
Mary Lacey, Deputy Program Director, AEGIS Ballistic Missile Defense, Missile Defense Agency (Security Council)
Kevin Lawson, Branch Chief, Applications Development Branch, IT Division, TSA (Enterprise Architecture & Infrastructure Council)
Phillip Loranger, Deputy Chief Information Security Officer, Education (Security Council)
Tan Luong, Chief Enterprise Architect, IT Department, US Mint (Enterprise Architecture & Infrastructure Council)
Roger Mahach, Chief Information Security & Privacy Officer, OCC, Treasury (Security Council)
Randy Maples, CEA, Deputy Chief Information Officer - Management, FTC (Enterprise Architecture & Infrastructure Council)
Ethel Matthews, Senior Advisor to Chief Information Officer, Security and Privacy, SBA (Security Council)
Mary McCaffery, Senior Advisor, Assistant Administrator, EPA (Enterprise Architecture & Infrastructure Council)
John McCue, Acting Chief Enterprise Architect, Office of Administration, White House (Enterprise Architecture & Infrastructure Council)
Chuck McGann, Director, Corporate Information Security, US Postal Service (Security Council)
Debra McKeldin, Chief Enterprise Architect, Centers for Medicare and Medicaid Services, HHS (Enterprise Architecture & Infrastructure Council)
Margaret Mech, Chief Information Security Officer, FTC (Security Council)
Matt Newman, Professor of Systems Management, NDU (Enterprise Architecture & Infrastructure Council)
Jillian O'Connell, Chief, Enterprise Investment and Information Management, US Geological Survey (Enterprise Architecture & Infrastructure Council)
Walt Okon, Senior Enterprise Architect, DoD Enterprise Architecture & Standards Directorate, Defense (Enterprise Architecture & Infrastructure Council)
Bajinder Paul, Chief Information Officer of the Office of the Comptroller of the Currency, Treasury (Enterprise Architecture & Infrastructure Council)
Richard Prentiss, Chief Information Security Officer, Office of Thrift Supervision, Treasury (Security Council)
Ken Rogers, Director, Enterprise Architecture & Strategic Planning, IRM/BPC/EAP, U.S. Department of State (Enterprise Architecture & Infrastructure Council)
Joe Rose, Chief Architect, Education (Enterprise Architecture & Infrastructure Council)
Larry Ruffin, Chief Information Security Officer, Interior (Security Council)
Timothy Ruland, Chief Information Security Officer, Census Bureau (Security Council)
Eddie Saffarinia, Assistant Inspector General for Information Technology, Interior (CXO Council)
Peter Sand, Director of Privacy Technology, DHS (Security Council)
Dr. Ronald Sanders, Associate Director of National Intelligence for Human Capital, Chief Human Capital Officer, DNI (Workforce & Leadership Council)
Daniel Sands, Chief Information Security Officer, Director, Information Security and Awareness Office, OCIO, National Institutes of Health, HHS (Security Council)
Marco Santini, Deputy Director, Customer Accounts & Research, GSA (Workforce & Leadership Council)
Daud Santosa, Chief Technology Officer,National Business Center, Interior (Enterprise Architecture & Infrastructure Council)
Derek Scarbrough, Chief Information Officer, Institute of Museum and Library Services (CXO Council)
Michael Schievelbein, Project Manager & Solutions Architect, Solutions Coordination Office, National Business Center, Interior (Enterprise Architecture & Infrastructure Council)
Tim Schmidt, Chief Technology Officer, Transportation (CXO Council)
Robert Seay, Acting Chief Enterprise Architect, GSA (Enterprise Architecture & Infrastructure Council)
Donna K. Seymour, Deputy Assistant for Administration for the Under Secretary of the Navy, Navy (Enterprise Architecture & Infrastructure Council)
Rene' E. Smeraglia, Chief Information Security Officer, US Mint (Security Council)
David Stender, Associate CIO for Cybersecurity, Chief Information Security Officer, IRS (Security Council)
John Sullivan, Enterprise Architecture Advisor for Governmentwide Policy, GSA (Enterprise Architecture & Infrastructure Council)
Peter Sullivan, Director, Office of the Chief Information Officer, Labor (Enterprise Architecture & Infrastructure Council)
Eric Sweden, Chief Enterprise Architect, NASCIO (Enterprise Architecture & Infrastructure Council)
Harry Tabak, Chief Enterprise Architect, NOAA National Weather Service (Enterprise Architecture & Infrastructure Council)
Diana Takata, Acting Chief Architect, JPDO, Next Generation Air Transportation System (NextGen) (Enterprise Architecture & Infrastructure Council)
George Thomas, Deputy Chief Enterprise Architect, HHS (Enterprise Architecture & Infrastructure Council)
Dr. Paul A. Tibbits, MD, Deputy Chief Information Officer, Office of Enterprise Development, Veterans Affairs (CXO Council)
Dr. James Trinka, Director, Training and Technical Development, FAA (Workforce & Leadership Council)
Arleas Upton-Kea, Director, Division of Administration, FDIC (Workforce & Leadership Council)
Raghav Vajjhala, Chief Enterprise Architect & Director, Office of Enterprise Architecture, Treasury (Enterprise Architecture & Infrastructure Council)
Brian Wilczynski, Director, Enterprise Architecture & Standards, Defense (Enterprise Architecture & Infrastructure Council)
Dennis Wisnosky, Chief Architect, Chief Technical Officer, Business Mission Area, Office of the Deputy Chief Management Officer, Defense (Enterprise Architecture & Infrastructure Council)
Paul Wormeli, Executive Director, Integrated Justice Information Systems Institute (Enterprise Architecture & Infrastructure Council)
Col. Douglas Wreath, Director, Net Centric Operations Division, Joint Planning and Development Office (JPDO) US Air Force (Enterprise Architecture & Infrastructure Council)
Dr. Robert "Rocky" Young, Associate Professor of Systems Management, NDU (Enterprise Architecture & Infrastructure Council)
David Zeppieri, Chief Information Officer, Overseas Private Investment Corporation (Enterprise Architecture & Infrastructure Council)

Welcome to GTRA

GOVTek Monthly Newsletter: Issue 71, July 2010