Industry News

Industry News

Streamlined Grant Reporting May Be Coming Soon
Streamlined Grant Reporting May Be Coming Soon
June 27, 2018
Survey shows data standardization can boost efficiency, though cultural blocks remain.
Author: Charles S. Clark, Government Executive
Opioid Crisis Mapping and Collaboration Effort Continues Expanding
Opioid Crisis Mapping and Collaboration Effort Continues Expanding
June 27, 2018

New and larger jurisdictions have begun to join the Opioid Mapping Initiative, a coordinated effort to help local government agencies share insights and use data to visualize the story of the nation’s ongoing opioid crisis. 

As such, an effort meant to last a year when it was launched in October is now being prolonged. The Opioid Mapping Initiative, coordinated by New America’s Public Interest Technology Team, is being pushed forward by increased participation and interest, said Jeremiah Lindemann, a public interest technology fellow at New America who is coordinating the work.

The effort started with a diverse list of 10 agencies, ranging from Boulder County, Colo., to Orange County, Calif., to West Allis, Wis. It now includes 14 government agencies and two universities, with one notable addition being Cook County, Ill., which is home to Chicago.

“This started with me stalking governments that had already been doing things and getting them to share work in these venues,” Lindemann said. “No one had answers for everything, and they were all eager to learn from each other.”

There are essentially two facets to participating in the Opioid Mapping Initiative. The first is sharing data sets for use on the map, which is powered by the gov tech company Esri. This map, primarily, shows the locations and stories of deaths related to opioid use.

Users can click on instances where opiates have claimed a life and see where the tragedy happened, a picture of the deceased, and a story about who he or she was, essentially putting a human face on the epidemic to demonstrate that this is not an abstract problem, that it’s affecting people everywhere and of all different ages, genders and socio-economic backgrounds. It’s a timely effort, given that opioid use continues to worsen, claiming the lives of an average of 115 Americans a day, according to the Centers for Disease Control and Prevention.

The second facet of participation is a monthly phone call with the other agencies to share the work being done. These calls have already yielded results. For example, Tempe, Ariz., recently described a dashboard it was using to map EMS responses to overdoses. The Northern Kentucky Health Department subsequently reached out to Tempe and swiftly replicated their work in its own jurisdiction.

In addition to the 14 agencies that have actively joined, others have begun to listen to the calls without yet fully committing.  

One continuing challenge the group faces, however, is a reluctance by some local governments to publicize the severity of the opioid crisis within their boundaries. Lindemann said there is sometimes a sense that officials are worried a visualization of drug deaths will be a blight upon economic development.

“It gets stifled under the guise of economic development,” he said, “but it’s not so much about economic development right now. It’s about the development of the community down the road, and it’s about making a community better.”

Oakland County, Mich., a participating jurisdiction, can speak to that potential. Oakland County was using data visualization technology to show the high frequency of opioids being prescribed in the area, specifically showing that in 2015 there were 48 pills classified as opioids prescribed per resident, and not just per adult. There were 48 pills prescribed per man, woman and child. In 2016, that number fell slightly to 45.

“From a technology perspective, there’s a lot GIS can bring to the table,” said Tammi Shepherd, chief of application services for Oakland County Information Technology in an interview with Government Technology last year. “The dozen or so agencies participating in the fellowship are thought leaders in the area. We’re really excited to both share what we’ve done and learn about the best practices of others.”

Indeed, it would seem that more jurisdictions are seeing value in publicizing the severity of the struggle, as well as in coordinating with other agencies. Cook County actually reached out to the group to inquire about joining. Cook County’s largest city, Chicago, is often in the news for gun violence, but deaths related to opioid use have outpaced shooting fatalities.

According to local news reports, opiate deaths in Chicago have almost doubled since 2013, eclipsing 1,000. By comparison, there were 650 shooting deaths last year in the city.

Using tech to combat the opioid crisis is also a growing trend nationwide. Last year, Attorney General Jeff Sessions announced the Opioid Fraud Detection Unit, a federal effort that seeks to use data analytics to identify malfeasance among prescribers. At the state level, related tech efforts are underway in Maine, Virginia and Pennsylvania, among others. While efforts are less common with city governments, jurisdictions such as Cincinnati have taken action, too.

Moving forward, The New America project has a trio of objectives: continue to expand to new jurisdictions, create more national data maps, and help communities to drive decision-making processes related to policies.

For Lindemann and others involved with the work there is a sense that peer pressure may be pushing more jurisdictions to join. In the Phoenix area for example, Tempe’s involvement has sparked interest among others in the region.

“Everyone has a part they can play, and it’s cross collaboration,” Lindemann said. “If you’re a county, you have death data, you probably have some law enforcement data as well. If you’re a city, you have first responder data, and then if you’re a health department, you have all sorts of community resources data such as where there are treatments and being more proactive about what’s out there. Everyone has some type of stake in this, and it is going to be a collaborative effort.”

Jurisdictions interested in joining the work can find more information here.

Author: Zack Quaintance
Four Measures to Keep Agency Cloud Data Safe (Industry Perspective)
Four Measures to Keep Agency Cloud Data Safe (Industry Perspective)
July 2, 2018
Hacking

When news of the latest government data breach breaks, most will conjure up images of nefarious hackers exploiting networking vulnerabilities. For others, their thoughts may turn to agencies relying on aging IT systems that cannot withstand a legitimate fight against today’s cyberthreats.

However, there is a new breed of data breaches developing, aimed at the cloud storage buckets offered by Amazon, Google, Microsoft and other cloud vendors. These compromises take place when organizations alter rules determining who has access to shares or documents that open the door for unauthorized users to access data stored in cloud services. 

These “leaking buckets” of data are a widely overlooked security risk that goes unnoticed until disaster strikes. It is time to acknowledge that achieving a quick transition to the cloud can no longer be prioritized over security. 

The Perfect Storm of Vulnerability

Most IT professionals are familiar with the basic cloud storage structure: All of an organization’s cloud data is housed in “buckets” that are used to organize information and control access. Buckets cannot nest under one another like in a traditional file storage structure, and each must be assigned a unique name. 

By default, bucket contents are private; however, those settings are changed for a variety of legitimate reasons such as providing customer or third-party access to data. Bucket privacy settings are also sometimes overlooked or misunderstood by personnel unfamiliar with the cloud landscape — a risky oversight, considering buckets that are configured as public can be accessed by anyone who has the link.

A staggering number of private- and public-sector breaches — including the U.S. Army, Pentagon and National Security Agency (NSA) — prove there is a fundamental disconnect between cloud security settings, bucket-identifier conventions and who is ultimately responsible for securing cloud data. 

The crux of this cybersecurity epidemic lies in the fact that the cloud bucket namespace is global and publicly visible. When combined with misconfigured permissions and easily guessed identifiers, this creates a perfect storm of cloud data vulnerability. 

Four Ways Agencies Can Secure Cloud Data 

Implementing best practices for identifying data storage is key to keeping organizations off the radar of probing attackers. Security measures should also be in place to prevent access to cloud data storage through brute force or other attacks if discovered. Following are four foundational steps federal agencies should take to protect cloud data storage:

1. Add complexity: Make bucket names unguessable.

As with passwords, the longer and more complex bucket identifiers are, the better: Identifiers should be 64 alphanumeric characters or longer. Do not include the agency name, user IDs, email addresses, project names or other identifying information in identifiers.

2. Use tarpitting: Slow down attackers.

Discovering an agency’s cloud data storage location does not automatically equal compromise — successful access is still required. Often this occurs after many successive failures. Tarpitting security technology, which makes the time between attempts increasingly longer with each failed attempt, can prove a significant deterrent for hackers looking to quickly scan and access data." 

3. Limit password attempts: Block brute-force attacks.

Through brute-force attacks, intruders deploy software that does the work for them by generating a large number of consecutive guesses looking for an identifier until one works. Establishing maximum failed attempts is an easy way to deter these types of attacks. If the maximum number of failed attempts is exceeded, a temporary block of all activity from this attacker could be employed to further restrict access. 

4. Stay informed: Alert security personnel of problems. 

It is much more difficult for an agency to gauge its security stance or detect public cloud buckets staff are unaware the organization is being targeted. Security software should be configured to alert security personnel of multiple failed password attempts in order to determine if the issue is more than just a forgetful user. The scale of government enterprise cloud storage often results in sprawling bucket systems and applying secure naming standards can represent just one of many challenges to organizing and managing cloud data. 

To ease the burden, states should consider turning to solutions providers structured to meet the unique needs of federal organizations, whose cloud applications already integrate the strongest security industry’s best practices. State cloud data — much of it entrusted to the government by the citizens it serves — requires the utmost privacy and security protections available; only then can agencies fully unlock the transformative benefits of cloud implementation. 

Jayne Friedland Holland is the chief security officer at NIC Inc. (Nasdaq: EGOV), the nation’s premier provider of innovative digital government and secure payment processing solutions for more than 6,000 local, state and federal agencies across the United States. You may reach her at jayne@egov.com. More information about NIC is available at www.egov.com.

Author: Jayne Friedland Holland, NIC
Breaking Up Is Hard to Do: Why Some States and Cities Want to Secede
Breaking Up Is Hard to Do: Why Some States and Cities Want to Secede
June 20, 2018

Governing: Vikki Consiglio wants amenities. To be precise, the Georgia woman wants fine dining, a Whole Foods and an upscale hotel. And she and many of her neighbors are willing to form a new city to get it.

Consiglio is the head of the Eagle's Landing Educational Research Committee, a group that's pushing to form a new city out of the unincorporated portion of Henry County, Ga.

Author: State & Local Government Policy, Business and Technology: i360 Gov
Alaska Adds Innovation Officer to Its Ranks
Alaska Adds Innovation Officer to Its Ranks
June 20, 2018

The state of Alaska has created the position of innovation officer to help it achieve greater engagement and outcomes for its residents and businesses, according to Bill Vajda, Alaska's CIO.

Jason Schneider, who started working in May for Alaska’s Office of Information Technology, has been appointed to the position. He joins a growing cadre of innovation officers who are working for state and local governments to explore and guide new opportunities with IT. The city of Anchorage, Alaska, for example, added its innovation officer Brendan Babb two years ago to study the ways the city government consumes data and technology to deliver its services, according to an Anchorage Daily News report.

Schneider, who will report to one of the five chief technology officers in Vajda’s OIT agency, is tasked with the role of helping the state assist its citizens and businesses with current technology as well as to lead and foster innovation in government service delivery.

“Most government IT is focused on tinkering, owning and operating IT,” Vajda said. “But now, there is a shift in government to move from tinkering to a connecting culture.”

Those connections between the state and its citizens and businesses will be reached by finding new ways to analyze volumes of data the government collects to using analytics and artificial intelligence to deliver services.

Schneider’s eclectic set of work skills made him well suited for the role of innovation officer, according to Vajda. Schneider, a former general manager of e-commerce company MIUpperHand, also served in the Peace Corps in Tonga where he gained experience supporting and advocating for communities. He also served as a city commissioner for the city of Marquette, Mich. Most recently, Schneider was the founding executive director for the Marquette Chamber of Commerce.

The measure of success for this role will, in part, be based on the state’s ability to innovate so that it meets the expectations of its citizens and businesses. For example, Vajda notes the 18-year-olds who will be voting in this fall’s elections have no memory of what life was like pre-Internet and so their expectations of government services may be vastly different than what is currently offered.

“These 18-year-olds’ opinions are formulated by Amazon, eBay … speaking into a box to order a pizza,” said Vajda. “We don’t use artificial intelligence to interface with constituents, so meeting expectations like those is a challenge for the Office of Information Technology. We are working to catch up to what is out there today.”

Author: Dawn Kawamoto
Cook County, Ill., Hires Its First Chief Data Officer, Considers a New CIO
Cook County, Ill., Hires Its First Chief Data Officer, Considers a New CIO
July 12, 2018

The nation’s second-largest county is one step closer to filling out its technology bench, after experiencing a key departure last month. Cook County, Ill., has identified a finalist in its search for its next CIO and hired its first-ever chief data officer.

On June 27, longtime Cook County Board President Toni Preckwinkle nominated the agency’s Deputy CIO Tom Lynch as its next CIO, according to Joel Inwood, public information officer at the Cook County Bureau of Technology. If confirmed by two county entities, Lynch would claim its top technology job — held through June 15 by Simona Rollinson, who stepped down as CIO to join Chicago-based design-build company Clayco.

Meanwhile, the county’s inaugural CDO, Dessa Gypalo, started on June 11. She had concurrently been director of data services at campaign tech provider NGP Van and at EveryAction, a company specializing in resources for nonprofits, since September 2015 according to her LinkedIn profile. At the county, Gypalo will be in charge of its data portal and data analytics program.

With Rollinson as acting CIO, Cook County undertook a slate of multimillion-dollar agency system transformations, awarding IT contracts totaling $154 million for updates in integrated justice, property and revenue systems and for a multi-department enterprise resource planning (ERP) system. But the ERP, Inwood said, had been spearheaded by Lynch — and is nearly completed.

“He was named deputy CIO last year and the enterprise resource planning project — that’s his,” Inwood said, noting that the ERP replaced a variety of different county systems — some of which were still paper-based — in departments ranging from benefits to human resources. The modernization cost $70 million in 2015 and includes a modern biometric time and attendance system. The final wave of the ERP, expected to come as soon as later this month, will be a full integration of its new single sign-on function.

“There’s one version of the truth, which is really big for us. We have a lot of separately-elected offices with their own autonomous IT systems, so to have everybody on one system is really big for us,” Inwood said. Lynch’s nomination will be considered by the county’s Legislation and Intergovernmental Relations Committee later this month, and by the full Board of Commissioners on July 25.

Author: Theo Douglas
Contact Us For More Information!
* required
Contact Us For More Information!
* required