Obey the rules

Complying with regulations can be tricky enough to turn you into a rebel with a pretty good cause, or so it seems sometimes. Some technology companies, seeing the wisdom of developing products for customers who have to comply with rules, are bringing new tools to market to help ease some of that regulatory burden.

Officials at Vista Technology Services Inc., for example, are developing a set of data-collection and analysis tools to aid agency officials in complying with Executive Order 13327, usually called by its catchier moniker EO13327. Sings, doesn't it?

The order pertains to managing property assets. It requires agencies to collect and use data to manage the 650 million acres of land and 3.5 billion square feet of building space that the government owns.

Agencies have not done well so far, according to Vista officials. And there's no official framework or guidelines that agency leaders can follow to be sure they're complying with the order, although some are on the way from the Office of Management and Budget, according to Vista's chief executive officer, David Baxa.

The company's product starts with tools to help customers assess and catalog their assets, he said.

"In order to do any kind of asset management, you have to understand what you have to start with," he said. "There are a number of agencies that have expressed concern that they need to get a good handle on what they have."

Vista officials approached the problem by building on the company's experience in managing the closure of military bases, which required careful tracking of assets, Baxa said.

The software tools will address three broad areas: the initial inventory, requirements analysis and decision support.

When President Bush issued the executive order earlier this year, Baxa said, Vista officials saw an opportunity.

"We were already doing work in facilities analysis," he said. "It's just a natural extension. We didn't set out this year to necessarily go in this direction, but with the issuance of an executive order, it seemed like a natural fit."

Meanwhile, officials at Lockdown Networks Inc. and Watchfire Corp. are releasing products aimed at agencies trying to comply with the Federal Information Security Management Act (FISMA), which requires certain security assessments and protections.

Lockdown is releasing Version 3.0 of its line of network appliances, including a new platform for Lockdown Auditor, said Rick Peterson, the company's director of federal sales.

From the agency perspective, he said, FISMA compliance is "a necessary evil, but [agencies ask themselves], 'How many resources do we assign to that, and what can we get away with? What do we actually have to do?'"

Lockdown's products make it easier for agencies to do the necessary reporting to show that they are complying with the law's requirements, he said.

The products evaluate security threats and risks. "We can give [agency officials] a real-time snapshot of where their security is" and generate reports that they can show OMB officials, he said.

Watchfire has introduced WebXM, AppScan and AppShield, which automate security processes, identify needed architecture updates, analyze all Web-related systems and servers that an agency controls, provide detailed recommendations to help plug vulnerabilities, identify risks and provide auditing, reporting and trending capabilities.

"It will assess your Web applications, looking for a variety of defects," said Steve Orrin, vice president of security and technology at Watchfire. "It's not FISMA-specific; [however,] it will test for all types of security vulnerabilities."


  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.