As the IT landscape becomes more complex, government agencies need a more advanced approach to securing their infrastructures. In a nutshell, today’s IT administrators need intelligent tools to help their employees be productive from anywhere—while guarding user identity, protecting sensitive content, and efficiently detecting suspicious activity across the network. Microsoft can help governments achieve these goals. Consider the following:

Managing user identity

Today, 75 percent of all network intrusions can be traced back to compromised user credentials. Responding to this trend, governments have worked diligently to move away from traditional user names and passwords to deploy multi-factor authentication. Yet they need a simple way to manage identities across numerous applications obtained from different vendors, hosted within different cloud environments, and accessed from a wide variety of devices. Rather than requiring customers to implement multi-factor authentication separately for each application, Microsoft Azure Active Directory Premium provides single sign-on for numerous cloud-based applications—including those from Cisco, Box, Salesforce, Google, and thousands of others—across all major mobile device platforms including Windows, Android, and iOS.

In addition, Azure Active Directory Premium can help government agencies intelligently assess whether they should grant user access based on factors such as the health of the devices they’re using and the location from which they’re trying to log in—whether it’s a secure government facility or a coffee shop with unencrypted, wireless access. Using Azure Active Directory in combination with Microsoft Intune, IT administrators can determine how mobile devices will be managed and which policies will be applied in each instance. Conditional access is critical to maintaining security because today’s mobile workforce will leverage wide variety of networks and devices along with the same credentials and authentication types.

Protecting sensitive content regardless of location

Once government agencies have established a sound identity management platform, often their next priority is to secure their content. While it was once sufficient to protect the castle by simply locking the doors, today’s IT administrators need to protect confidential files in a mobile environment in which data regularly gets passed around from PCs to tablets to smartphones outside the physical walls of the building. Microsoft Azure Rights Management enables agencies and enterprises to encrypt content, safely sharing files as they move around among users and unmanaged devices—even protecting documents that end up being publicly posted.

Using Azure Rights Management, employees can protect sensitive data on any Office 2016 document including Microsoft Word, PowerPoint, Excel, and Outlook—for example, by mandating that users not forward or print certain files, or that perhaps content cannot be copied form the document at any time. Likewise, IT administrators can automatically apply requirements to files sitting in a SharePoint repository, or to emails as they move through the Exchange messaging system—designating that certain documents not be forwarded outside the organization or that confidential files can only be read by authorized employees.

Detecting and responding to network threats

For governments to efficiently respond to security threats, they must also be able to detect potential breaches across their network. Microsoft Advanced Threat Analytics (ATA) provides a simple and fast way to identify malicious attacks, identity theft, and potential cases of data loss. ATA leverages deep-packet inspection technology as well as information from multiple data sources to build an Organizational Security Graph that helps organizations understand normal traffic patterns on a detailed level. By learning the ways in which employees normally access data, ATA can more accurately pinpoint true abnormalities—say, for example, that someone tried to log in numerous times in the last five minutes from different devices on multiple continents. ATA helps to eliminate the false positives while focusing IT administrators on the true threats they face so they can quickly take action.

Today’s complex IT landscape requires an intelligent set of tools to prevent identity theft, protect confidential government content, and minimize malicious attacks across the network. Please see the Microsoft Enterprise Mobility webpage to learn more about how Microsoft is delivering these capabilities in today’s cloud-first, mobile-first world.

The post Managing security in a multi-vendor, multi-cloud environment appeared first on Microsoft Industry Blogs.

Indeed, one of the key principles of DevOps is the application of lean and agile practices across the entire lifecycle of a service or application. And one way to achieve this goal is through automation. By automating their builds, tests, documentation, and deployments to test servers, DevOps staff minimize the chance of error. What’s more, they make the deployment process repeatable across different environments.

A great example of this approach is the recent Federalist platform created by 18F, a group of designers, developers, and product specialists inside the U.S. General Services Administration. Federalist is a unified interface for publishing static websites that are secure and scalable, easy to maintain, and fully customizable.

Currently in beta release, the Federalist platform uses open-source code to offer a suite of well-designed templates that agencies can use and modify to suit their own needs—even without technical knowledge. Unlike expensive and complex traditional content management system (CMS) websites, content editing is a separate application rather than a capability that’s built into the web server, reducing the need for servers while allowing the same editing interface to be used across projects.

Once the text has been written, images uploaded, and the pages published, the outward-facing site acts like a simple website that’s fast, reliable, and scalable. As Gail Swanson, the lead researcher and designer on the project put it: “This is a platform that’s as easy to use as posting to a social media site, but has the flexibility and scalability that the federal government requires to manage humongous traffic.”

The new platform, which also integrates with Microsoft Azure, is designed to make it faster and cheaper for government agencies to build websites. The platform takes a layered approach in which security and configuration management is turned into automated scripts built into the platform itself. This makes it possible for agencies to avoid the time-consuming process of getting their websites reviewed for security and configuration reasons. It also frees up development teams to focus on website content.

By making it extremely easy to launch new websites, the Federalist platform wants to encourage federal agencies to create more citizen-facing services—and indeed, the plan appears to be working. Already, the White House has used the platform to build a website for its new Social and Behavioral Science Team charged with making government services easy to access, understand, and use. In addition, the U.S. Department of Education has used Federalist to launch its popular College Scorecard website that provides information about U.S. colleges such as average annual costs, graduation rates, and salaries after graduating.

In the coming months, I expect to see many more government websites take advantage of this new approach. As the Federalist platform demonstrates, the path to lean and agile DevOps is quickly becoming a reality, one that will result in a greater number of high-quality digital services.

The post Building lean and agile practices into DevOps appeared first on Microsoft Industry Blogs.

As part of its work, the U.S. Digital Service has created a playbook that spells out how digital services should be built and delivered, with best practices ranging from “make it simple and intuitive,” to “build the service using agile and iterative practices,” to “choose a modern technology stack.”

Since its creation, the U.S. Digital Service has been working with departments across the federal government to build agile digital services. Likewise, its partner 18F, a team of designers, developers, and product specialists with the General Services Administration, has begun helping federal agencies deploy twenty-first-century digital tools and services.

These efforts are starting to pay off. From projects that improve services for veterans to the recent Federalist unified interface for publishing static government websites, the U.S. Digital Service and 18F are creating digital services that improve access to government information.

Efforts such as these along with stronger adoption of DevOps practices show just how far the digital government has come in delivering citizen services. It’s no longer necessary to build large monolithic applications that are complex to develop and costly to maintain. With today’s technology, we can create an agile and cost-efficient development environment in which governments don’t have to recreate the wheel every time they launch a new website or introduce a new mobile service. Instead, they can take a layered approach in which components are reused by other government agencies.

A couple of examples:

• CMS-free code: Rather than building big blocks of code locked up in a content management system (CMS), websites can develop CMS-free code that’s open and transparent, and easily allows for updates—and then publish the code on GitHub so it’s available for reuse, as the federal government did when it built healthcare.gov. Not only does the lightweight design require fewer servers, but it’s faster to load on mobile devices. It’s also makes it easy for anyone without technical knowledge to update web pages.
• Infrastructure as code: Rather than manually configuring and deploying systems, applications, and middleware, applying the same steps every time new infrastructure is created, government developers can write scripts that automate these tasks. By automating processes that were once completed manually, “infrastructure as code” enables developers to accelerate software delivery by making it possible to replicate environments with speed, consistency, and very few errors. As Forrester Consulting put it in its recent thought leadership paper, “Automation takes confusion and error-prone manual processes out of the delivery life-cycle stages.”

Microsoft has contributed to Federalist and some of these open source efforts. In addition, we’ve incorporated some of these same principles into our own DevOps environment, allowing governments to develop, deploy, operate, and maintain digital services with the greatest agility and flexibility. For example, Visual Studio Online provides a set of cloud-powered collaboration tools that enable government developers to work effectively on software projects of all shapes and sizes. Developers can create stunning web applications and cloud services for Windows, iOS, and Android working in any language including Java, Python, HTML5, JavaScript, and C#. They can also integrate from virtually any device, platform, or technology stack.

In addition, the Microsoft Azure Government platform helps governments meet their goal of serving citizens with great agility. Teams can create and test applications very quickly and cost-effectively, deploy assets and services in an automated and repeatable way, and better operate and manage their overall IT infrastructure. And they can cut costs and quicken the pace of development by incorporating a variety of finished services into their offerings.

To learn more about how you can achieve a faster and more predictable application delivery lifecycle, please see our recent “An Agile Development Platform for Government” blog post.

The post Toward a Twenty-first-Century Digital Government appeared first on Microsoft Industry Blogs.

This includes announcing the Digital Services Team, a team that will work with government agencies to upgrade technology infrastructure and government websites, and establishing 18F, a group of experts focused on building and modernizing digital services in partnership with agencies, helping them better and more nimbly deliver on their important missions. Leaders at 18F have already begun inviting American citizens and technology designers and developers to improve the country’s code base, and choosing the right platform is a large part of this optimization process.

For agencies who are exploring a number of modernizations and moves to the cloud, it’s important to focus on environments that support agile development, code reuse and allow the government to scale the innovations they’ve created across all government agencies, without having to scale their workforce or invest in new applications.

At Microsoft, we applaud this approach and our platform is designed with this open and agile model in mind. In fact, we’ve been building on our code base in many of the same ways for years, and we are continually working to extend these capabilities across the larger ecosystem.

Our goal is to enable anyone, from federal employees to private citizens, to engage, collaborate and innovate with government by being able to freely access and use open source tools. To deliver on this vision, we embrace code reuse and interoperability across a variety of open source, open standards and languages. We also offer flexible cloud services to governments to help enable openness and choice of technology.

There are a number of ways Microsoft is actively committing to providing an optimal platform for an open and agile government. Here are a few proof points of our commitment to this strategy:

• Support for Open Source Languages & Environments: A growing number of open languages and platforms are supported by Microsoft Azure, including Java, PHP, Node.js, and Python. Additionally, many open-source environments, including Linux, Hadoop, MongoDB, Drupal and Joomla, run on the Microsoft platform. This type of support helps enable agencies to get started quickly and take full advantage of our Azure cloud services.
• Flexible Cloud Services: Due to the nature of Federal IT today, many agencies need to retain on-premises IT systems while also leveraging the scale, cost, and convenience of enterprise cloud services. Microsoft is the only cloud vendor that can offer a hybrid cloud platform, reaching across on-premises and the cloud, while offering agencies the ability to choose from a range of open source languages, libraries, distributions, and platforms.
• Embracing Code Reuse: Developers can plug into software services like GitHub and
  CodePlex to see what we’re doing and start sharing their own code. We are continually contributing to and working with open source communities to promote interoperability and make it easier for customers to develop and manage mixed IT environments.

One key advantage to the evolution of Federal IT service models is that Azure supports multiple operating systems at scale and allows agencies to deliver hybrid models of applications on an integrated platform. What this means is that with Azure, developers have the option to deploy applications and services in the cloud that do not depend on a specific platform. These applications can be delivered to users across a wide variety of device types and browsers, while supporting code reuse and collaborative development for continuous improvement in the future.

Azure is a service platform from which digital governments can flourish. At Microsoft, we are embracing the transformative potential of an open cloud and open source. Our cloud momentum this week in San Francisco, and our collaboration with Docker
on integrating Docker Hub into Azure, is further proof of our commitment to provide governments the openness, transparency, and choice needed to move to the cloud with confidence.

Stay tuned for more on this blog as we’ll be sharing more news and updates regarding our government cloud in the coming months.

Have a comment or opinion on this post? Let me know @Microsoft_Gov. Or e-mail us at ongovernment@microsoft.com.

The post Microsoft Embraces an Open Cloud for Digital Government appeared first on Microsoft Industry Blogs.