Privacy and Security

Software Licenses Contract

Energy Department

T

he federal government is used to getting special discounts on some of its big technology buys. But it's not accustomed to squeezing hundreds of concessions from vendors in order to get a customized product.

That's what the Energy Department did in a contract for software licenses with Oracle Corp., a large database software maker. When Energy bought the licenses this year-for $5 million-officials required the company to make more than 250 security enhancements to the latest version of its product. Officials believe the modifications will make the software more secure, something that is of particular concern to Energy, which sends highly classified information through networks across the country.

The deal has won praise from security experts, who say other agencies could follow Energy's lead and use the government's buying power to gain not just price reductions, but improvements to products.

-Shane Harris

WHY IT WON
Used government buying power to get a better deal, and better software.
WHY IT'S INNOVATIVE
Adapted commercial software to government use at low cost.
WHAT DIFFERENCE IT HAS MADE
Offers other agencies a model for customizing their software.

Federal Technical Data Solution

Defense Department, Coast Guard, General Services Administration

T

he Internet has made it easier for government agencies to announce procurements and for contractors to find out about them. However, it has opened up new security concerns about posting sensitive information on networks that can be accessed around the globe.

In February, the Bush administration announced it would begin using a new application, known as the Federal Technical Data Solution (FedTeDS), to ensure the Web would be a safe place to do business. The program lets registered vendors pass sensitive information, such as drawings or technical information, back and forth with federal contracting officers by controlling access with passwords and digital signatures.

"By protecting and securing data between buyers and suppliers, FedTeDS enables the federal government to limit access to organizations that need the information, while providing unfettered access to the federal marketplace by potential suppliers," says

Deidre Lee, the Defense Department's procurement and acquisition policy director.

FedTeDS was first used by the Defense Department, but now is being used governmentwide.

-George Cahlink

WHY IT WON
Created a secure way of conducting government contracting over the Web.
WHY IT'S INNOVATIVE
Provides full access to procurement opportunities to qualified vendors.
WHAT DIFFERENCE IT HAS MADE
Made contractors more willing to bid for work online by ensuring secure communications.

Son of Snoop on Steroids

Army, Fort Hood, Texas

T

he technology staff at the Army's Fort Hood in Texas knows well an old security cliché: The most secure computer is turned off, disconnected from the network and locked in a vault. But that also makes the machine worthless.

Security is a balance between granting access to a system and limiting users' control over it. At Fort Hood, 400 employees need access to the base's network. But giving them full access is a security liability, especially since users could download virus-plagued software onto their machines, either knowingly or by accident.

In 1995, Fort Hood introduced Snoop, a simple program that inventoried all hardware and software associated with a computer every time the user booted up. Over the years, the sophistication of the software improved, and Son of Snoop was born. Now, Son of Snoop on Steroids, the latest and most powerful version, gathers 156 pieces of information from every computer.

The base's technology staff can "snoop" a machine and find security problems, often before the user is aware of them. The program also keeps track of who's using what types of hardware and software and how much disk space a user has left, freeing the staff from having to manually check machines. Now, Fort Hood is making Snoop available to other agencies so they can use it to monitor their systems.

-Shane Harris

WHY IT WON
Showed a continuing commitment to improving security.
WHY IT'S INNOVATIVE
Used simple, commercial technology to track hundreds of computers-something that befuddles the most sophisticated technologists.
WHAT DIFFERENCE IT HAS MADE
Allows technology staff to quickly find and deal with security problems on employees' computers.