2009 Security Articles

Tutorial: BlackBerry - FISMA Compliance for Government Agencies
The process that agencies use to comply with FISMA is known as Certification and Accreditation (C&A). All agency-owned Personal Digital Assistants (PDAs) must be C&Aed along with the rest of the agency's systems and major applications. The PDA/smartphone of choice for the U.S. government is the BlackBerry. Therefore, understanding BlackBerry security controls, threats, and vulnerabilities is essential to all U.S. government agencies...
December 16, 2009

Smartphone Security Basics for Information Officers
One of the chief differences between ordinary old cell phones and smartphones is that smartphones are able to launch sophisticated applications, and store data in file formats other than simple text files. For example, smartphones can launch applications like Microsoft Word, Excel, and PowerPoint and store documents in those file formats, and e-mail those documents to other users. While end users delight in working on the go and sharing information in advanced file formats, the increased functionality has at the same time increased security concerns.
December 16, 2009

FISMA is Good for America, Here's Why
With security intrusions continuing to plague U.S. federal agencies, some pundits have asked, "Is the Federal Information Security Management Act of 2002 (FISMA) doing its job?" Here’s the rub. No matter what sort of law is in place to require U.S. federal agencies to secure their systems and analyze risk, there will continue to be security intrusions at U.S. federal agencies (and everywhere else) for the foreseeable future. Get used to it and plan accordingly.
October 14, 2009

Is the Windows PowerShell a Threat to Security?
A few years ago, I was attending the MPP global summit, when Microsoft made the announcement to all of the MVPs that future versions of Windows would include the Windows PowerShell (which at that time was known as Monad). When the session finally ended, I remember having a conversation with my friend Bud about what we had just heard. I can't remember all of the details of our conversation, but I do remember that there were two things that we both agreed on...
March 20, 2009

Should we believe the Federal Computer Security Report Card?
The Federal Computer Security Report Card is published each year by the House Oversight and Government Reform Committee to show how well U.S. federal agencies complied with the Federal Information Security Management Act of 2002 (FISMA) in the prior year. The determination of grades is made by the U.S. Government Reform Committee after inspecting reports put together by OMB, agency inspectors, and the GAO. The OMB FISMA Report to Congress does not assign grades – it identifies trends, publishes percentages of compliance, and offers qualitative (Excellent, Good, Satisfactory, Poor, etc.) assessments of 25 large agencies.
January 12, 2009
