News Feature | September 24, 2014

Government IT News For VARs — September 24, 2014

Christine Kern

By Christine Kern, contributing writer

Government IT News For VARs

In news this week, the Department of Homeland Security inspector general made recommendations to improve the Enhanced Cybersecurity Services (ECS) program, and the Department of Defense (DoD) is preparing to launch a new Defense Healthcare Management Systems Modernization (DHMSM) initiative. Meanwhile, three out of four mobile apps fail basic security tests, and approaches to data security and access need to be reformulated. Also, federal agencies are demanding FedRAMP-approved cloud services as the norm.

What DHS Must Do To Expand Cybersecurity Information-Sharing

This article from Fed Tech Magazine reported that a total of 40 critical infrastructure entities were participating in the Enhanced Cybersecurity Services program as of May 2014, according to a recent DHS inspector general report. An additional 22 companies had signed memorandums of agreement to begin receiving ECS services. But enrollment has been slow and not representative. The inspector general recommended that the U.S. Department of Homeland Security (DHS) ensure sufficient resources are available to vet program participants, improve outreach to critical infrastructure owners and operators, and develop a system to manage and analyze threat indicators for the program.

DoD And Tech Firms Face Daunting Healthcare IT Challenge

According to the eCommerce Times, the U.S. Department of Defense is preparing to launch a new initiative called the Defense Health Care Management Systems Modernization program, which is expected to support medical readiness for DoD’s military personnel and support the department’s current population of more than 9.6 million beneficiaries and more than 153,000 Military Health System personnel. Estimates for costs of the project are around $11 billion, and the initiative is designed to improve interoperability between the DoD and private hospitals.

Three Of Four Mobile Apps Will Fail Basic Security

According to this article from Fed Tech Magazine, Gartner says more than 75 percent of mobile applications will fail basic security tests through 2015, leaving them exposed to attacks and violations of enterprise security policies. It doesn’t help that more than 90 percent of enterprise bring-your-own-device programs use third-party apps, most of which are unsecure. And organizations don’t have the expertise when it comes to handling security. Gartner says organizations should focus on data protection and application containment solutions to boost mobile security.

Federal CIOs Reframe Security Around Data, Access

This article from CIO suggests that traditional approaches to security are becoming archaic.I think best practices have to completely shift,” Gus Hunt, operating partner at the private equity firm LLR Partners and the former CTO at the CIA, said this week at a government IT conference. CIOs should now move beyond approaching security as a compliance exercise and focus instead on continuous monitoring and addressing the most pressing vulnerabilities and defending the most valuable targets on the network.

Agencies Demand FedRAMP-Approved Cloud Services

Fed Tech Magazine reports that NASA, the Army, and the Commerce Department have set new requirements from their cloud services providers. The Federal Risk and Authorization Management Program has redefined how commercial cloud services providers do business with the government, setting clear expectations for both agencies and companies by creating a common language and standards for securing cloud-based products and services. The Commerce Department plans to procure a “FedRAMP-approved cloud e-mail and migration services for Government Community Cloud to support OIG’s mission.” NASA and the Army have set similar requirements.

For more news and insights, visit BSMinfo’s Government IT Resource Center.