In this week’s roundup of federal IT news we explore the various balancing acts that CIOs need to maintain as they seek to empower agency workers to deliver on the mission more quickly and efficiently at the same time as prioritizing security and being mindful of privacy concerns. Here’s a look at how three agencies are approaching some complex mission-critical activities.
Department of Homeland Security Looks to Balance the Benefits of CDM with the Agency Workers’ Right to Privacy
The latest phase of the Department of Homeland Security’s Continuous Diagnostics and Mitigation program will necessitate the collection of small amounts of personally identifiable information (PII) in order to collect data about “an individual’s suitability and validity dates, clearance levels and validity dates, and training levels and completion dates.” The information is only available at the department-level rather than held by DHS, meaning that the impact on personal privacy is limited according to the mandatory privacy impact survey. This data is vital to the second phase of the CDM program which seeks to ensure that credentials and access privileges “are properly created and maintained, and that appropriate security training is occurring.”
Given both insider threats and fears of security fatigue is this the right approach? You can read more about phase 2 of DHS’s CDM program here and share your thoughts on the balance between privacy and security with us on Twitter.
Department of Defense Launches Public Vulnerability Disclosure Program
In a surprising move the Department of Defense (DoD) will be launching its own bug bounty program. Officially called a Public Vulnerability Disclosure Program, the idea was “spurred from a cultural change within the DoD after the success of Hack the Pentagon” which was held earlier this year. The program will involve the creation of a process for people to report security vulnerabilities to be shared with citizens, and fixed” according to a recent article in MeriTalk.
By upending the traditional privacy, if not secrecy around these issues, the Department of Defense is enabling security vulnerabilities to be fixed in a more timely manner and boosting the country’s overall cyber defense posture.
Want to read more? Click here
White House Explores Open Source Tools to Meet Citizens Where They Are
There’s no doubt that the Obama Administration has embraced technology to engage with citizens, make government more tangible, accessible, and impactful. In August President Obama answered his first Facebook message and this was just the first step in a revolutionary plan to change the way the White House connects with citizens.
To this end, Jason Goldman, Chief Digital Officer of the White House, announced this week that they are “we are open-sourcing a Drupal module, complete with easy steps and boiler plate code. This will enable Drupal 8 developers to quickly launch a Facebook Messenger bot. We also left a few lines in the repository describing our hopes for the future of the code and encouraging members of the developer community to get involved.”
He also noted that “[w]hile Drupal may not be the platform others would immediately consider for building a bot, this new White House module will allow non-developers to create bot interactions (with customized language and workflows), and empower other governments and agencies who already use Drupal to power their digital experiences.”
Interested in learning more? You can find the full story here.