Across the United States, about 660,000 people are homeless on any given night. Over the course of a year, 2.5 to 3.5 million people nationwide will experience at least one night of homelessness. As of January 27, 2010, 11,774 people throughout the metropolitan Washington region indicated that they were homeless – a 1.7 percent decrease from 2009 . The DLT Foundation and the Reston Youth Association (RYA) are doing their part to further decrease that number.

I’ve received several questions about ISO 19770, the international standard for Software Asset Management, over the past couple of months. Let’s review the landscape… First of all, ISO is an acronym for the International Organization for Standards (ISO) based in Geneva, Switzerland. It is a network of the national standards institutes of over 163 countries that, through many specialized committees, works to develop a consensus among member nations on standards that will be accepted by all countries. You have very likely heard or seen advertisements for companies that included a reference to their ISO 9000 certification, which is becoming a worldwide quality management requirement for companies that wish to become part of a supply chain for major global manufacturers or distributors.

In previous blogs we talked about needing to educate the end users and knowing the details of what activity is occurring on your enterprise’s systems. In part 3, we’re going to talk about Compliance and Endpoint Management. Simply speaking, Compliance is setting a policy and how well you adhere to the policy. If a policy is set to only allow passwords longer than 8 characters in your enterprise, Compliance is the measurement of enforcement of that policy. Any deviations or exceptions from the policy are clearly documented and recorded. So why is Compliance important? A well-developed endpoint security policy ensures that common attacks and threats can be mitigated before they happen. By adhering to that policy, you are protected and secure from attacks without any other controls. There are many examples of compliance guidelines like NIST 800-53 and FDCC (Federal Desktop Core Configuration).

I am often asked to explain the Common Criteria certification process. If you dig below the surface a bit you will find that Common Criteria certification is very Un-Common. The name originated in the multilateral agreement that established the process in 2000: Arrangement on the Recognition of Common Criteria Certificates in the field of Information Technology Security. The certification is called ‘Common’ criteria because the ‘Arrangement’ was initially agreed to, in common, by the nations of Australia, Canada, Finland, France, Germany, Greece, Italy, The Netherlands, New Zealand, Norway, Spain, the United Kingdom, and the United States of America. It just so happens that these countries often cooperate on global security issues, more so than, for example, with China or the Russian Federation. The value of the certification is the assurance to manufacturers that the product certificate will be accepted by signatories to the Arrangement. In many cases a project engineer or architect may look first to the list of certified products rather than marketing collaterals when designing a secure system. So, if vendors expect to sell into a secure environment, the applicability of Common Criteria certification should be a consideration early in the product roadmap.

If you have come across a requirement for product compliance with FIPS 140-2, Security Requirements for Cryptographic Modules, you may have wondered about FIPS and its applicability to information technology products. FIPS is the acronym for Federal Information Processing Standards. FIPS was established in the 1960s to provide uniform guidelines or specifications for processes, data interchange, and functionality within the Federal government’s early information technology departments. Currently FIPS are maintained by the National Institute of Standards and Technology (NIST). In general, FIPS are developed and issued when there are no industry standards available for citation in requirements and/or procurement documents.

After more than five years in development Larry Ellison formally announced the release of Oracle’s Fusion Applications suite of products. The development of Fusion Applications started in 2004 and it is the largest engineering feat in the history of Oracle. “Oracle has taken the [best] functionality from its own eBusiness Suite applications, as well as its acquired PeopleSoft, J.D. Edwards and Siebel products, and rebuilt them to run on the company’s Fusion middleware,“ to form the next generation of enterprise application technology. By insisting on merging the best features from Oracle’s ERP, CRM, and HRMS products, Oracle created a Fusion applications design team using experienced engineers from eBusiness Suite, PeopleSoft, Siebel, and JDE, and consolidated their design work on a single unified platform. Fusion Applications are the first enterprise applications to be written 100% on Standard Fusion Middleware. In previous releases of Oracle’s family of applications (eBS, PeopleSoft, J.D. Edwards, and Siebel) the applications middleware was different from Oracle’s standard Fusion Middleware platform. Oracle in essence had two middleware development teams working separately on two types of middleware. The goal behind Fusion Applications was to combine the applications middleware team with the Fusion middleware team and extend Fusion Middleware to support Fusion Applications.

As this is the first week of the first year of a new decade, predictions are in demand. Below are my predictions for Information Technology in the Federal, State, and Local public sector. I promise to revisit these predictions at the end of December to test their accuracy. Wink. Cloud Computing: Off and running, finally. In the last few months the Departments of Interior and Agriculture, and the General Services Administration have committed to the cloud for office productivity applications like Google Apps or Microsoft’s Business Productivity Online Suite. Major cities including Los Angeles and New York have also made the decision to adopt cloud services. The latest buzz is that FedRAMP will be ready for prime time by April.

The below blog was written by and published with permission by Steve O’Keeffe. Steve O’Keeffe is the founder of MeriTalk – www.meritalk.com – the government IT network. MeriTalk is an online community that hosts professional networking, thought leadership, and focused events to drive the government IT dialogue. A 20-year veteran of the government IT community, O’Keeffe has worked in government and industry. In addition to MeriTalk, he founded Telework Exchange, GovMark Council, and O’Keeffe & Company Okay, the sexual tension is finally over. Agencies are starting to consummate their cloud love. First, GSA gets it on with Google with Unisys as chaperone. Less than a week later, USDA takes a roll in the hay with Microsoft. Seems that love letters are the first cloud apps - both awards are for e-mail and collaboration platforms. So, let's take a closer look at these celebrity romances.

A couple of weeks ago, I had the pleasure of participating in a panel for the Women in Technology event: “Enabling the Channel – Insights from Leading OEMs and Distributors.” The event was hosted by our friends at Google at their fun and hip office in Washington DC. My fellow panelists, Theresa Caragol, Vice President, Global Alliances & Partners, Ciena; Liz Anthony, Public Sector Channel Marketing Manager, Cisco; and Lynne Corddry, Vice President, Business Development, Public Sector, Red Hat, Inc., and I enjoyed a lively discussion and some very intuitive questions from the audience. The event was moderated by Christine Schaefer from DLT Solutions and Mary Conley Eggert from Tech Image.

This is part three in a four part blog series Oracle Open World (OOW) Recap. To view part two, visit Oracle Open World Recap – Part II Similar to the Keynote on Sunday, Larry entered the stage and began his presentation to highlights of his America’s Cup victory. Still beaming over the victory, Larry graciously introduced members of the America’s Cup team that were in attendance and asked that they stand, as they stood and took a bow they received a much deserved round of applause and cheers. The stage was designed in the traditional Oracle two screen set -up and bathed Larry in a warm reddish hue. Larry wore his trademark dark suit and turtleneck and limited his bombastic and condescending comments to Marc Benioff of Salesforce.com. Surprisingly, he only made one self-effacing or arrogant comment, depending on your perspective, when he called Bugatti his favorite commuter car. Not sure how many of us commute to work in a Bugatti so I don’t know how to interpret that comment so I will leave the interpretation up to the readers so that they can draw their own conclusion.