With both the Obama Administration and the Federal Risk and Authorization Management Program (FedRAMP) so steadfast on the implementation of the cloud, it is imperative that they subdue all doubts the general public may have about its security. FedRAMP has reached out to officials from General Services Administration (GSA), Department of Homeland Security, the Department of Defense, and others to standardize the security of government cloud-based services.

NASA Solutions for Enterprise-Wide Procurement (SEWP) IV is a government wide acquisition contract supporting IT investments spanning from 2007 to 2014. SEWP is an indefinite-delivery, indefinite-quantity (IDIQ) contract vehicle and is coveted by many contractors as a gateway into large scale contracts and access into a plethora of agencies. SEWP is one of the few contract vehicles which actually manages the contracts and allows agencies to utilize resources from a centralized platform. A Federal Computer Week Report highlights some key features:

As IT systems continue to grow in size and sophistication, greater security measures are needed to ensure that critical data stays secure. Enter Continuous Monitoring. The automated process creates data on the status of operational and business processes that goes into constant feedback loop, allowing the system to constantly quantify risks and potential compromises to the system against a constantly changing environment. With constant awareness, those said risks and compromises can be dealt with immediately creating a secure network.

The Open Government Initiative set forth by the Obama Administration in 2009 requires Federal agencies to take immediate steps to achieve milestones in transparency, participation, and citizen collaboration. Most Federal, state, and local organizations have jumped on the social media bandwagon as a tool for communicating with citizens and making their agency’s goals transparent. However, the average American largely still feels disconnected from large impersonal agencies. An excellent example of the inability of large organizations to genuinely connect with citizens is their Twitter feeds. Most agency Twitter feeds are merely pushing out information, not engaging in conversation. An article published by the Campaign for a Stronger Democracy, an independent group, noted “if you work for a government agency, and you’re interested in social media, ask yourself, can any average person name one person from your agency? If they can’t, you have failed at social media for your organization.”

An ever growing area of concern within Federal, State and Local governments is how to manage mobile devices securely- and how implement a policy allowing employees to use whichever device(s) they’d like. As these devices and applications become critical to an organization’s success, IT is challenged with efficiently managing the full lifecycle management of devices across the enterprise. Mobile Device Management provides IT organizations the control they need to securely manage mobile devices throughout their entire lifecycle, simplifying these processes across multiple device types and mobile operating systems in a single console. With discovery, configuration, apps, and policy management, organizations now have the peace of mind that their mobile devices, critical data, and networks are secure from potential threats.

Since the passing of the Federal Information Security Management Act in 2002 (FISMA), the Office of Inspector General (OIG) has been required to perform yearly audits on their agencies IT security programs. After the completion of the FY2012 audit for the General Services Administration, it appears the IT Security Program has some work to do. The audit released today uncovered three glaring security control deficiencies, majority seemingly the result of inattentiveness.