Security

Resources on Security

Privacy-Preserving Collaboration Using Cryptography —In conjunction with her May 2020 presentation, Dr. Emily Shen outlines her work on Secure multi-party computation (MPC), a type of …
OMB Circular A-130 —Managing Information as a Strategic Resource
How to Prevent Security Certificates From Expiring During a Lapse in Operations —These are the steps that people in government can take to avoid having security certificates expire during a lapse in operations.
Federal Information Security Management Act of 2002 – Presentation to the 2003 FISSEA Conference —The head of the agency delegates to the CIO a number of information security responsibilities. The CIO in turn designates a senior agency …
Social Media Cyber-Vandalism Toolkit —Guidance on how to respond to cyber-hijacking.

Tools and Services

Digital Dashboard —Measures how U.S. government domains are following best practices for federal websites.
Cloud.gov —A FedRAMP approved cloud hosting platform that makes it easy for federal agencies to get on the cloud by simplifying procurement, security, …
FedRAMP —The Federal Risk and Authorization Management (FedRAMP) is a process that authorizes cloud products and services.
Login.gov —An identity management service that provides secure and private online access to participating government programs.

News and Events on Security

58 posts

Policy

Go-Live Checklist for Federal Websites

Covering the breadth of federal web policy, the new downloadable checklist organizes policy requirements into nine categories and explains what your agency needs to do to meet each requirement.

Rachel Flagg

Jan 13, 2022

GSA’s FedRAMP Celebrates 10 Years of Impact on Cloud Security—Today, the Federal Risk and Authorization Management Program (FedRAMP) celebrates its 10-year anniversary. On December 8, 2011, the Office of Management and Budget (OMB) signed a memo establishing FedRAMP to provide a cost-effective, risk-based approach for the adoption and use of cloud services. This landmark reflects GSA and FedRAMP’s commitment to protecting public and federal information through supporting IT modernization and securing IT infrastructure. Over the past ten years, the program has seen an incredible increase in the adoption of FedRAMP-authorized services and will play a critical role in improving the nation’s cybersecurity. — via General Services Administration

Dec 08, 2021

Privacy

Security is Everyone’s Responsibility: Delivering Secure, Usable Login for Government

How login.gov incorporated human centered design and continuous discovery into their product development process to improve the user experience.

Julia Elman

Mar 02, 2021

A Dashboard for Privacy Offices—Through work funded by 10x, a team from 18F investigated how technology can help busy privacy offices manage your PII, and make their work more accessible and understandable for the public. — via 18F

Dec 15, 2020

TTS Bug Bounty Program: 3 Year Review

We’re reflecting on our Bug Bounty program for the last 3 years and highlighting some lessons learned.

Alyssa Feola

Aidan Feldman

Dec 14, 2020

Security

True Crime Detectives: How We Used Free Web Metrics Tools To Uncover a Cybersecurity Incident

Join USA.gov as we slowly uncover a conspiracy to scam Americans using fake government websites… and then try to foil the caper!

David Kaufmann

Oct 26, 2020

808 views

10x

10x Project Lightning Talks: 2020

10x project teams will demonstrate their work to date and provide brief overviews of each project. We hope that these talks will highlight some of the most interesting work happening in government today and inspire others to submit ideas to 10x.

Jun 30, 2020

Making .gov More Secure by Default — The DotGov Program announces its intent to preload the .gov top-level domain in order to protect .gov site visitors. — via DotGov Registry

Jun 22, 2020

Cloud.gov

Building for the 21st-Century Web with Federalist

Building, deploying, and hosting fast, secure, and compliant federal web sites and applications with Federalist.

David Corwin

Jun 16, 2020

Video

Dr. Emily Shen on Secure Multi-Party Computation

This talk will describe how organizations can collaborate in a privacy-preserving manner using a cryptographic technology called secure multi-party computation.

Dr. Emily Shen

May 05, 2020

This week, Login.gov has surpassed 20 million registered users! 🎉 Congratulations to the team for hitting this milestone while keeping the product simple and secure for the public. — via Login.gov

Jan 22, 2020