The app is designed to share information about how to prepare for hazards and recover from a disaster — in part based on where users are located.

About 121,000 people have now gone back into the app and re-selected their location — 90 percent of active users had downloaded the latest app update as of last week— the agency told FedScoop. The 3.0.12 software update was designed to improve the app’s data storage and its protections for users’ personal information.

“Unfortunately, users who updated to 3.0.12 on both iOS and Android, and who had previously saved locations and settings customized for alerts and language, had to make those selections again,” FEMA Press Secretary Jeremy M. Edwards told FedScoop in a statement. “We also discovered that restoring previous settings once users had already re-set them was not possible, and rolling back to a previous version would be disruptive to the hundreds of thousands of users who had already upgraded to version 3.0.12 and did not experience this relatively minor issue.”

FedScoop noticed the issue after reading through the app’s recent reviews on the Google Play Store. On the app store, users had complained about the app failing to update properly, losing their customization preferences, and their alert settings being reset to the platform’s default settings.

The app has been around for more than a decade, according to FEMA, and underwent a major overhaul last summer, when the agency updated its accessibility and functionality.

“FEMA is committed to providing families with the tools and information they need to keep themselves and their loved ones safe from disasters,” FEMA Administrator Deanne Criswell said then. “By advancing our mobile app technology, we are better helping communities plan, protect and recover from disasters through clear, effective and relatable communication.” 

The post At least 100,000 people impacted by bug in FEMA mobile app software update appeared first on FedScoop.

The Scalable Ways to Implement Flexible Tasks (SWIFT) contract is mostly oriented around software. It spans apps across four domains: Platform-as-a-Service (PaaS), collaborative services, visualization and hyperautomation.

ICE planned to release the solicitation, ushering in a new procurement model, in January but delayed a month and later extended the deadline for Phase 1 of proposal submissions to March 14.

“SWIFT is available for use to ICE, and on a case-by-case basis approval may be granted to other
DHS components by the ICE SWIFT contracting officer and SWIFT program manager,” reads the combined synopsis/solicitation.

ICE plans to post responses to industry’s questions about SWIFT via an amendment to the solicitation as soon as possible. The amendment will include any additional extensions to Phase 1 that ICE determines are necessary based on industry responses.

Phase 2 of the process doesn’t have a start date yet but is slated for later in 2022.

SWIFT’s $340 million value will be split among the contract awardees, of which there can be up to eight  — two per domain. The PaaS and collaborative services domains are unrestricted, but the visualization and hyperautomation domains are set aside for small businesses.

Vendors may win awards in multiple domains, provided they submit separate proposals for each, and ICE hasn’t set any limits on teaming arrangements.

The PaaS domain covers ICE’s ServiceNow and Dynamics systems, as well as emerging technologies, with the goal of developing workflow automation improving user experience through self-service and mobility.

Hyperautomation combines technologies like robotic process automation (RPA) and machine learning (ML) to identify, vet and automate IT processes. ICE uses UiPath and Power Automate for RPA, and a potential hyperautomation use case is creating a predictive algorithm identifying future staffing needs.

The visualization domain covers dashboards and reporting using Tableau, Qlik, PowerBI and emerging services with the goal of deploying a mobile app by the third quarter of fiscal 2022.

Collaborative services support SharePoint and ICE.gov, as well as a digitized intake process for customer initiation.

The post ICE issues $340M SWIFT development contract appeared first on FedScoop.

Tunnessen, who has served as CTO since October 2015, will take a role as the first chief digital officer at Voice of America, a news media organization owned by the federal Broadcasting Board of Governors, on Jan. 9.

Prior to his time at USDA’s FSIS, he spent time as an engineer officer with the Army Reserve and as the chief of digital innovation and development for the U.S. Citizenship and Immigration Services.

At FSIS, Tunnessen has been a major advocate for the federal government’s move to open source. See him in action below talking with FedScoop TV about all things open source and how federal agencies are adopting it more and more.

The post CTO Jim Tunnessen leaving USDA’s FSIS appeared first on FedScoop.

GSA published a request for information Wednesday for “industry input on modernizing and securing email infrastructure while simultaneously improving collaboration capabilities within and across Federal Departments and Agencies to dramatically enhance the ability of Federal Government employees, contractors and other stakeholders to work together.”

Likewise, GSA said it issued the RFI to support recent White House efforts to improve federal cybersecurity.

Many collaborative work and messaging tools, like Google Hangout, Slack, GitHub and Trello, have come into vogue recently. Of note, GSA’s inspector general told the 18F digital services team to stop using Slack because of possible security vulnerabilities.

The agency breaks collaboration tools down into two categories: asynchronous, like email, calendaring, file sharing, and content management; and synchronous, like instant messaging, audio/video/web conferencing, group messaging or chat, and group document editing.

“Too few” federal personnel use modern, cloud-based collaboration tools, and many of the tools they do use lack interoperability, GSA says. Additionally, the lack of commonality between requirements can lead to security issues.

“The situation is a hidden tax on productivity; it wastes time, creates missed opportunities, and slows coordination and creativity and can even pose a challenge for recruiting and retaining employees,” the RFI states.

The RFI questions the viability a future collaborative federal IT enterprise in which an administration official could send an email to all federal employees or federal workers from five different agencies could collaborate and edit a single document in real-time.

“Ideally, it should be as easy to collaborate in one room face-to-face as sitting in different rooms, different agencies, and organizations,” it says.

GSA also invites industry to respond about any perceived procurement gaps that make it difficult for firms to sell these tools to agencies. Particularly, the agency would like to hear about the possibility for a new acquisition vehicle aligned with category management.

Contractors have until Jan. 20, 2017, to respond to the RFI.

The post GSA eyes new collaboration tools for agencies appeared first on FedScoop.

The deal comes from a modification to software reseller Carahsoft’s Adobe IT Schedule 70 contract to streamline acquisition and reduce duplication, GSA said in a release.

The contract is the latest GSA has signed with a software vendor adhering to the strategic IT purchasing principles of category management and the Federal IT Acquisition Reform Act, which call for federal agencies to buy from governmentwide software contracts when possible. GSA believes that the contract, which leverages the collective buying power of the federal government, could save American taxpayers $350 million through tiered discounts to agencies and reduced administrative acquisition costs.

“The offering is a significant step forward in promoting acquisition efficiency and supporting the agency’s goals under category management,” said Mary Davie, assistant commissioner for GSA’s Office of Information Technology Category. “It will help federal agencies protect high value assets, while also supporting faster transition to an electronic government.”

Over the past year, GSA has struck similar governmentwide software deals with Esri and Salesforce.

Like those contracts, this new Adobe agreement “will help agencies better secure their assets, transform legacy systems, and reduce paperwork for government employees while saving taxpayers money,” said Leslie Field, deputy administrator of the Office of Federal Procurement Policy. “Streamlined category management offerings will make it easier for government agencies to obtain the best and most current software that government employees need to get the job done.”

The post GSA governmentwide Adobe contract could save $350M appeared first on FedScoop.

Under GSA’s Alliant Small Business vehicle, Octo will help the general Services Administration modernize its Integrated Award Environment, combining several of the 10 different awards systems it manages into a single new and updated System for Award Management website, SAM.gov.

Octo’s work on the IAE modernization will specifically focus on designing and developing the updated functionalities for the Federal Business Opportunities system, the Electronic Subcontractor Reporting System, and the Federal Funding Accountability and Transparency Act Subaward Reporting System, though the bulk of the work will be devoted to the FedBizOpps.gov website.

The contract has a 10-month base period with four one-year options to extend.

Using agile development practices, McLean, Virginia-based Octo is currently in the user-testing phase of the project, CTO Sujey Edward told FedScoop.

“What we are not doing is building a system just that Octo would like or just that the GSA folks as stakeholders would like,” Edward said. “We really are starting to engage some of our colleagues that are out there in the industry and the folks that are using this system daily and using this system all the time to really elicit the type of information they need.”

“A lot of times in government systems, the loudest person in the room really wins out and that priority gets shot to the top of the list,” he said. “This is different. We’re really crowdsourcing; we’re really trying to figure out how folks are interacting and saying, ‘Hey, empirically, we can prove which are the most important features.’”

Likewise, the team is “leveraging more modern technologies from open source tools to micro-services to really be able to deliver a system that will help as the world changes,” Edward said.

“When we built software back in the day, it really was there for 20 years. Now we build software that when changes come in, we can accept those changes and move forward,” he said.

The contract, Edward said, shows that federal agencies are really committing to agile software development in lieu of traditionally waterfall principles.

“I think one of the things it really tells you is from a Digital Services Playbook angle, if you think about that playbook, the government has — and GSA in particular — really understood the importance of implementing those plays on programs,” he said.

Edward continued: “Another thing that’s unique about this program is it’s a recognition from GSA that all agile programs are not the small, four-week efforts. This is something that has cascading effects across industry and across not only their agency but their partner agencies as well. Having that type of interaction and that type of enterprise look at an agile development process is pretty refreshing.”

Octo is also looking to the DevOps process to support rapid, iterative development — “baking security and compliance testing in the DevOps pipe,” Edward said.

The plan is for a gradual and incremental roll out of functionality over the next couple years. Octo hopes to have public data searchable for about half the applications by summer 2017.

“We believe in developing on cadence and releasing on demand. So the business users will determine when those release cycles will happen,” he said.

Because the Octo team, like other contractors, uses these systems — particularly FedBizOpps — every day, they’re excited to lead the needed improvements.

“It’s awesome that us in the service community that serves the federal government and works with them are getting a bit of love now and getting an opportunity to work with a service provider-facing app,” Edward said. “I’m excited about it from really being able to say ‘Hey this is an important system that a lot of people get to use,’ and then bringing it forward into a more modern look and feel, and also just a better way to develop and implement a system.”

The post Octo Consulting wins agile contract to upgrade FedBizOpps appeared first on FedScoop.

Coders can expect to see more projects on the site in the coming months as agencies implement the recently released Federal Source Code Policy, U.S. CIO Tony Scott said in a blog post announcing the launch.

The Federal Source Code Policy seeks to get agencies to release more of their custom-developed software. The policy notably establishes a pilot program requiring agencies to release at least 20 percent of new custom-developed code as open source software.

Code.gov is not just a repository, however, but also a resource for agencies to use when implementing the policy, Scott wrote. For example, Code.gov features a metadata schema for agencies to use when building out their enterprise code inventories and includes information on how to build successful open source projects.

[Read more: OMB finalizes policy on open source code from agencies]

“We’re excited about today’s launch, and envision Code.gov becoming yet another creative platform that gives citizens the ability to participate in making government services more effective, accessible, and transparent,” Scott wrote in the post. “We also envision it becoming a useful resource for state and local governments and developers looking to tap into the Government’s code to build similar services, foster new connections with their users and help us continue to realize the President’s vision for a 21st Century digital government.”

Earlier this week Department of Homeland Security CTO Michael Hermus noted government is going to need to work on building community around its open source work.

“Without that community you can’t just stick it out there and hope magic happens — you have to govern it and manage and harness that community out there,” he said.

The policy is great for promoting open source development, Hermus said Wednesday at the 2016 Red Hat Government Symposium, noting “this is a sign of the fact that the current administration and the current community is really pushing forward in this direction.”

But he also acknowledged, “we still have a lot of work in implementing and adopting this and figuring out how it all works.”

[Read more: Open source policy holds promise, but agencies must do more — experts]

Scott in his blog post cites several new open source digital tools that have sprung up during the Obama administration, including Vote.gov, Vets.gov, the citizen petition site We the People, the White House Facebook bot and Data.gov.

“The code for these platforms is, after all, the People’s Code – and today we’re excited to announce that it’ll be accessible from one place, Code.gov, for the American people to explore, improve, and innovate,” he wrote.

The post OMB launches Code.gov repository for open source projects appeared first on FedScoop.

“I remember the day 20 years ago when something open source came across our desk, we thought aliens had landed from Mars,” Mark Bohannon, vice president of corporate affairs and public policy for Red Hat, said during a panel at the symposium. “I think we’re way, obviously, beyond that now.

Ten years after that, Bohannon explained “we were trying to explain it’s OK to use it. Today, I think it’s about how to use it. How can it help you, how are we implementing it? I think we’re in a much different chapter these days.”

More recently, that’s been propelled by the administration’s Federal Source code Policy, published in August, which requires agencies to explore existing solutions used by agency partners or other commercial off-the-shelf solutions before procuring custom software code. It also launched a pilot requiring agencies to release at least 20 percent of their custom-developed code as open source in the next three years.

[Read more: OMB finalizes policy on open source code from agencies]

“This policy seeks to address these challenges by ensuring that new custom-developed Federal source code be made broadly available for reuse across the Federal Government,” the policy says. “This is consistent with the Digital Government Strategy’s ‘Shared Platform’ approach, which enables Federal employees to work together—both within and across agencies—to reduce costs, streamline development, apply uniform standards, and ensure consistency in creating and delivering information. Enhanced reuse of custom-developed code across the Federal Government can have significant benefits for American taxpayers, including decreasing duplicative costs for the same code and reducing Federal vendor lock-in.”

David Bray, CIO of early-open-source-adopter the Federal Communications Commission, said the federal government shouldn’t be in the business of coding, for the most part.

“For most things that we do, we should not be coding,” Bray said. “We are not in competition. I understand that code is secret sauce, and that makes sense.”

Customizing code, he said, “is all good and well until five or six years from now, and then you’ve go to go back and you have to change what you’ve made, maybe something seems broken, maybe a new patch has come out and it broke something — that’s currently the state we’re in right now.”

Rather than purely coding, Bray said, agency IT should be using APIs to customize open source or commercial code that’s already available — “stitch together pieces of quilt as opposed to build pieces of quilt yourself.”

Bray also pointed to added trust that agencies can gain from users by using open source code.

The FCC was wildly successful in the launch of its broadband speed test app, he argued, because its open source code showed it didn’t collect unnecessary user information, so they weren’t worried about privacy issues.

“By making it open source, those who’d go on the GitHub who wanted to could see that by design we weren’t capturing your IP address, and by design we didn’t know who you were within a 5-mile radius,” Bray said. “And as a result, we got public trust and it was the fourth-most-downloaded app, right behind Google Chrome.”

There’s already a huge support base for open source in the federal government, he continued. “The bigger conversation is how you can use open source to actually get trust, because you’re now exposing what your code or algorithm is doing, what is being done with the data.”

“How many of you would be willing to share data on air quality, water quality, transportation quality if it would make your community safer if you knew that the data was kept private and anonymous?” he proposed to the crowd at the symposium, produced by FedScoop. “A way you can do that is by making open source what’s being done with the data and the algorithm, and I think that’s the real value of open source we’re just beginning to scratch the surface on.”

Meanwhile , many decry open source code as unsecure because it’s open to the eyes of anyone. But the opposite has actually shown true as more organizations embrace open source.

“For a long time people thought negatively about open source, kind of like it was Wikipedia … because anybody could edit it and you didn’t know what people may have done,” said Curtis Yanko, director of partner enablement at Sonatype.

However, the more eyeballs that are on that code, the more secure it is, Department of Homeland Security CTO Michael Hermus argued.

Paul Smith, Red Hat senior vice president and general manager, agreed, calling open source “the foundation for choice and security.”

The post Open source exploding, generating benefits in new areas appeared first on FedScoop.

“I don’t have to stand up on stage anymore and tout the benefits of open source as a development model. It’s a given,” Paul Smith, senior vice president and general manager for Red Hat North America Public Sector, said at the 2016 Red Hat Government Symposium, produced by FedScoop

This increasing acknowledgement of the value of open source can be seen in new Office of Management and Budget policy finalized this year, Department of Homeland Security CTO Michael Hermus said. The policy establishes a pilot program where agencies must release at least 20 percent of their newly developed custom code as open source.

[Read more: OMB finalizes policy on open source code from agencies]

The policy is great, Hermus said, noting “this is a sign of the fact that the current administration and the current community is really pushing forward in this direction.”

But he also acknowledged, “we still have a lot of work in implementing and adopting this and figuring out how it all works.”

In particular, Hermus noted, “one of the things I think we’re concerned about is saying ‘just open source 20 percent of your code’ is not a good idea right? It really needs to be much more thoughtful than that.”

“Percentage of code” is not really a good metric, he said, recommending “people… take a look at systems or even modules or libraries of usable functionality that add value.”

He said government is also going to have to work on building the community around its open source work.

“Without that community you can’t just stick it out there and hope magic happens — you have to govern it and manage and harness that community out there,” he said.

Tim Yeaton, senior vice president of Red Hat’s infrastructure business group, also noted earlier in the conference that open source communities are crucial to driving innovation.

“The innovation that happens in software today now is almost entirely born out of these open collaborative upstream communities,” he said.

Yeaton said agencies or companies trying to move to adopting agile methodology in particular benefit from using open source code others have shared before them. There are more than a million open source projects in the world today, Yeaton said.

“If you’re trying to prove out a concept in six weeks and you’re inventing all of that code from scratch — it’s kind of hard to do that,” he said. “What you find a lot of customers doing is they’re actually using some of those million open source components to actually do that prototyping. So open source isn’t just driving innovation… it’s changing the development model.”

Similarly, Hermus said one of the things his agency’s mission needs from open source is “improved time to market of those mission capabilities.”

“We need those guys out there on the frontlines to get the things they need to do their job as quickly as possible, not to get hung up in four years of planning and then procurement,” Hermus said.

He also noted that needs are going to change over time, so technology has to be agile enough to pivot when necessary.

“The open source ecosystem really provides a foundation there,” he said.

The post Open source policy holds promise, but agencies must do more — experts appeared first on FedScoop.

New research from Duo found tens of thousands of devices using Windows XP with Internet Explorer 7 and 8, a hurricane of insecurity boasting hundreds of critical vulnerabilities in software that hasn’t been officially supported for nearly three years. The problems are not hypothetical: Hackers who attacked Target in 2013 to steal millions of created cards are reported to have used a Windows XP exploit to first gain entry.

Out-of-date software used by the U.S. government has increasingly been a point of political controversy, especially since the Office of Personnel Management suffered a massive and high-profile hack that was finally revealed in 2015. Sensitive data for over 21 million individuals was stolen by the attacker, widely assumed to be the Chinese government, including vast amounts of security clearance background information.

Other agencies are increasingly under the magnifying glass as cybersecurity rises to a ubiquitous focus across government. Citing the use of old and insecure software in agencies like the Department of Education and NASA, Rep. Jason Chaffetz, R-Utah, believes more and even worse breaches are inevitable.

“I think it’s already happened,” Chaffetz warned earlier this year. “I have no proof of it but I’ve been ringing this bell for a long time.”

The Department of Defense has in recent years paid millions of dollars for extended support on Windows XP. The Pentagon updated many of its Windows XP devices to Windows 2003 within the last six months, according to Chaffetz. The DOD, Army and Navy have been running “Windows XP eradication efforts” over the last year.

“It takes just one out-of-date device to compromise your entire organization — attackers will target devices with exploitable, older versions of software in order to steal your data,” Duo researcher Tuo Pham wrote.

Most Windows XP users are stuck on Internet Explorer, according to Duo. Twenty percent of Internet Explorer users are running unsupported versions (8, 9, 10) that are incapable of receiving security patches. Just 3 percent are using Edge, the latest Windows browser. That leaves 80 percent with Internet Explorer 11.

But Windows XP users can’t even upgrade to a supported and secure version of a Microsoft browser, leaving millions unprotected while browsing the web. Better options would be using alternative browsers like Mozilla Firefox, Google Chrome or Opera.

Windows XP’s versions of Internet Explorer use insecure add-ons that aren’t even supported in most modern browsers. Sixty-two percent of devices running Internet Explorer have an out-of-date version of Adobe Flash installed. Ninety-eight percent of the devices analyzed by Duo that use Internet Explorer also have Java installed.

Most Windows devices are running older software, including 65 percent on Windows 7, a version that will receive security updates through 2020. The Duo researchers argue that Windows 10 — which 24 percent of Windows users are updated to — is a significantly more secure operating system than its popular predecessor.

“That leaves the majority of users on Microsoft operating systems and browsers open to vulnerabilities and a potential malware infection, which can be passed onto your environment if they log into your applications with risky devices,” Pham explained.

The post Windows XP is a security nightmare, yet hundreds of millions still use it appeared first on FedScoop.