Search

The federal government has approved commercial products to operate on a defense cloud, marking the first time industry online offerings with this level of security are accessible to the military via such an environment. The accreditation, which took approximately two years, means that military organizations can route sensitive data through online software products. As more clients migrate to the cloud and employ the technology, the cost of use will drop. This creates a benefit for anyone wishing to take advantage of the offerings, which include a suite of products designed to enhance communications across Web, social and contact center touch points.

The U.S. federal information technology work force is sandwiched between two major trends it must address to continue successful operations—the retirement eligibility of the Baby Boomer generation and the emergence of Web 2.0. The former threatens to empty hundreds of thousands of positions across the government, while the latter is shifting how the work force thinks about and uses technology. Solutions for both these issues converge in the Net Generation (sometimes referred to as Generation Y or the Millennial Generation), the demographic of youth currently preparing to enter institutions of higher learning and the job market. However, this population group is not a panacea for the government’s problems, because the ideas held by these young adults will challenge the status quo.

Researchers at the U.S. Army Research Laboratory and Electronic Warfare Associates Incorporated have partnered to implement a new intrusion detection architecture designed to defend against advanced persistent threat. The architecture, a component of the Network Attack Characterization, Modeling and Simulation Testbed, is an Army Research Laboratory computer network defense enclave that secures against cyber adversaries by providing rapid flexible responses to new threats. The program was launched in 2008 to combat the growing threat of cyberwar by improving intelligence sharing and computer network defense tactics among the U.S. Defense Department, cleared defense contractors, universities and private companies.

Paul Strassmann continues from last week's "Gentlemen Do Not Open Attachments" with illustrations of how to implement safe social computing using virtual computers.

DoD policy recently opened access to Internet web pages from NIPRNET computers. This policy is unenforceable and is insecure. It allows the inadvertent inclusion of attachments for downloading of malware from where it can further propagate across DoD networks to subvert security.

When the Internet was originally created for Defense Department use, Cerf says that it was not designed to perform any particular operation besides moving bits from point to point. Because the requirements were so broad that it allowed the system to be tremendously flexible and scalable. "What is amazing is that the protocols have actually scaled [over the last 40 years]," he shared.

Two weeks ago, I listened to a U.S. Marine Corps brigadier general plead for a lightweight personal computer that shooters could use at the squad level. All of the talk he heard about net-centric networks was meaningless because network centricity did not reach where it was needed. If the civilians could walk around with BlackBerrys, why couldn't the U.S. Defense Department provide comparable services?

During an interview with Rear Adm. Michael A Brown, USN, last week, the admiral clarified the first-of-its-kind cybersecurity partnership with the state of Michigan.

Companies now can acquire certified identity credentials that facilitate employees’ physical and logical access when they work with the U.S. Defense Department, other government agencies and government-affiliated organizations. A biometrics-infused card authenticates a person’s identity using bar codes, a digital photograph and fingerprints. Through a not-for-profit association, contractors become part of an operational system that can exchange credential information with the government.

Next in SIGNAL's webinar series, "Securing the Data Center: A DOD Architecture for Information Assurance" will take place on May 7, 2009 at 11:00 AM ET.