My latest article, about Windows 7, is online over on Seacoastonline.com. Hope you enjoy it.
« April 2009 | Main | June 2009 »
May 2009
May 29, 2009
May 26, 2009
May Newsletter
We've just released our May newsletter, Jenaly FYI.T..
Welcome to this months edition of Jenaly FYI.T.
Darling You Gotta Let Me Know Should I Stay Or Should I Go?
Green IT Action Item of the Month
All this and more in this months edition. Click the following link to read the PDF version...
May 2009 Jenaly FYI.T. PDF Version
Remember, if you'd like to receive Jenaly FYI.T. in the mail, please let us know. We'll be glad to send it to you, but in our efforts to encourage more sustainable actions, we primarily distribute Jenaly F.Y.I.T. electronically, to minimize it's impact on our environment. If you receive a hard copy of this newsletter, watch for it in your mail later this week.
We hope you enjoy our newsletter and welcome your feedback and suggestions.
To view pdf files, you will need Adobe Reader.
Download it for free here. 
May 23, 2009
May 21, 2009
May 20, 2009
My Testimony To Congress
Yesterday, May 19, I was asked to provide expert witness testimony to The House Subcommittee on Management, Organization, and Procurement, Committee on Oversight and Government Reform on the subject of "The State of Federal Information Security." This was my first time testifying before Congress and was a result of several meetings last week, with various House and Senate Committee's, that I recently blogged about here.
As I blogged about last week, the Federal government, both the House and Senate, are looking at a variety of legislation dealing with cybersecurity. While these initial reviews are happening at the Federal level and are focusing on government information systems, they are looking to the IT industry to provide advice and expertise as to how to insure the security of the nations information systems, including those of the private sector. This particular hearing involves the House's review of FISMA, the Federal Information Security Management Act of 2002 and updating it for today's evolving threats.
Below is my review of the hearing, along with several photo's from the hearing. You may click on any photo to view an enlarged version is a new browser window.
Rayburn House Office Building
My day began with an 8 AM breakfast briefing in the cafeteria of the Rayburn House Office Building with the public policy staff from The Computing Technology Industry Association (CompTIA), to review my oral testimony and the questions I may be likely to receive from the Members of the Subcommittee. At 8:40 AM we went up to the second floor to the Hearing Room, room 2247.
Hearing Room 2247 prior to the arrival of the Subcommittee Members and the various staffers and observers.
The Subcommittee heard testimony from a panel of six experts, representing various elements of the Federal Government, one witness representing a large IT business and one witness representing a small IT business, me. The panel included Mr. Vivek Kundra, the new Federal Chief Information Officer, Office of Management and Budget, recently appointed by President Obama. I have blogged previously about Mr. Kundra's appointment, which you may read by clicking here, so I was thrilled to have the opportunity to meet him and honored to be testifying alongside him. Also on the panel were Mr. Gregory Wilshusen, Director, Information Security Issues, Government Accountability Office, Ms. Jacquelyn Patillo, Chief Information Officer, US Department of Transportation, Ms. Margaret Graves, Acting Chief Information Officer, US Department of Homeland Security, Mr. Samuel Chun, Director, Cyber Security Practice, U.S. Public Sector, EDS, a division of the Hewlett-Packard Company and me.
Mr. Kundra, Ms. Patillo, Ms. Graves, Mr. Chun and me, awaiting the arrival of Mr. Wilshusen and others before the start of the Hearing.
The Hearing was opened by Chairwoman Diane Watson, D-CA, and we were then sworn in to provide our testimony. For those unfamiliar with Congressional Hearings, the House operates on a 5 minute rule, so each Member was allowed to deliver a 5 minute opening statement, followed by each witness reading their 5 minute oral testimony, which is extracted from the lengthier written testimony that is submitted to the Subcommittee in advance of the hearing. Because I was invited to testify just last week, as of today, my written and oral testimony is not yet posted on the Subcommittee web site, but I expect once they post the Hearing record, it will be there.
Swearing in of the witness panel by Chairwoman Watson.
Chairwoman Watson delivering her opening statement.
At this point, I need to interject a few personal comments. At my wife's suggestion, I brought our oldest daughter Hannah with me to Washington. Hannah is a senior at Portsmouth High School and an Honor Student. She will be heading off to college next year and after discussing it, we felt this would be an unparalleled opportunity for Hannah to see how our Federal system of government works. Here is where I owe a very large and sincere thank you to Chris Kotopis from CompTIA. Unbeknown to me, Chris had informed Chairwoman Watson's office that Hannah would be traveling with me to attend the Hearing. After Chairwoman Watson completed her opening statement and introduced the witness panel, she then acknowledged Hannah for traveling to be present at the Hearing and asked her to stand and be recognized. I was completely surprised by this and immensely proud of my daughter for this incredible learning opportunity which just took on an entirely new dimension. I quickly modified my own opening statement, to thank Chairwoman Watson for her kindness in recognizing my daughter. After the Hearing concluded, as seen below, the Chairwoman continued to be quite gracious with her time, talking with Hannah about government, youth and the future, as well as inviting her behind the Committee table for a photo. What an impression to make on a High School Senior! I am sure this will be a life long memory for Hannah, as it is for me.
Chairwoman Watson speaking with me and Hannah after the Hearing concluded.
Ranking Member Bilbray, my daughter, Hannah Shoer and Chairwoman Watson.
Every Congressional Committee has it's Chairperson, from the majority party and then a Ranking Member, from the minority party. For this Subcommittee, the Ranking Member is Congressman Brian Bilbray, R-CA. Ranking Member Bilbray delivered his opening statements immediately following Chairwoman Watson, followed by statements from any other Members who wished to speak.
Ranking Member Bilbray delivers his opening statement.
Following the members opening statements, each witness then proceeded to deliver their own opening statements, which you may read in detail on the Subcommittee home page, which I linked to earlier in this post. For me, I found immediate commonality of concern with both Ranking Member Bilbray and Chairwoman Watson, specifically around the are of training and the fact that the human being IS the last line of defense in any cyber security discussion. Each witness had their own perspective, as it related to their agency, company or experience. That not withstanding, there was widespread agreement that training needs to be a fundamental part of any legislation, if it is to be effective.
Delivering my oral testimony to the Subcommittee.
My own statements centered around insuring that any update to the current FISMA legislation, along with any newly adopted legislation "enhance the security of our federal systems and protect our country and its citizenry." I was asked to represent CompTIA and it's many small business member companies and by extension, the millions of small businesses in the United States that are our clients. Unfortunately, whenever you engage in a discussion about IT security, whether at this level or within a business of any size, the discussion tends to get too focused on technology. I saw this during the question and answer phase of the Hearing. We, collectively, tend to have the view that technology alone should be able to solve any problem that we face. However, without adequate and verifiable training, it is impossible for technology to do this job. During our meetings last week with various Committee staffers, we heard case after case of examples of highly sensitive data being exposed to the Internet after someone with access to this information loaded it onto a portable computer that they brought home and left unsecured. In some cases even letting their children use the computer for games and peer-to-peer sharing software. This is a training issue, far more than a technology issue.
Responding to Members questions during the Hearing.
I summarized my testimony as follows: "In conclusion, it is undisputed that we must protect the American public by having a security framework that guards information systems for both our federal critical systems, as well as, the private sector." I firmly believe this to be true and after my experience yesterday, I also believe that this Subcommittee, as well as the other Committee's looking in to this very important issue, believe this to be true as well. I was also encouraged to hear, during the questioning period, that the Members are concerned about drafting legislation that is realistic and able to be effective. They are concerned that the Federal Government set the standard and lead by example, with a model that will be able to be replicated in the private sector, regardless of the size of the business. As a small business person myself, I am deeply concerned about this very aspect of this discussion and I was very pleased to hear this publicly stated, on the record and I made this feeling known. Clearly, this is not a quick or simple process. Any new guidelines will have to be very broad to properly address the wide audience this relates to. At the same time, it's extremely important that this effort creates a standard and that the Federal government does lead by example. Otherwise, as I have stated before, there is a very real danger that we could wind up with competing or conflicting standards at the Federal level and within each of the 50 States. That would create an intractable environment for small businesses to operate within and would damage our economic potential as a nation. As she made her closing statements, Chairwoman Watson asked each of the witnesses to submit additional written input on several topics that the Subcommittee would like to hear from us on. There is a clear openness toward and willingness to work with both Federal agencies and the private sector in addressing this critical issue.
Following the conclusion of the hearing, I had the opportunity to personally thank Chairwoman Watson for her kindness toward my daughter and for calling this Hearing.
Thanking Chairwoman Watson following the closing of the Hearing.
I also had the opportunity to formally meet Vivek Kundra. I wanted to take the opportunity to properly introduce myself and wish him well, as if you read my blog post about his appointment, you know I am very excited about the elevation of the importance of IT within the Obama Administration. I hope that these developments will become permanent fixtures within our government, which I am sure they will be.
Talking with Vivek Kundra following the Hearing.
And while Mr. Kundra's presence at the hearing was considered to be the main attraction, my daughter Hannah took on her own rock star appeal after her introduction from the Chair, as Mr. Kundra was very excited to meet her.
Vivek Kundra, Federal CIO, talking with me and my daughter, Hannah Shoer
After the hearing I was also interviewed by a reporter covering the hearing for Federal Computer Week. If I see the article, I will post a link to it in this blog. After a long few hours, we left the Hearing Room and received our second nice surprise of the day, courtesy of CompTIA, when we were brought to Congresswoman Carol Shea-Porter's, D-NH, office where we were escorted by a staff intern from Exeter, NH on a private tour of the Capitol. We were able to observe both the House and the Senate from the Galleries and were quite lucky to see the Senate enact the credit card reform legislation which was passed yesterday.
After this, I worked from the CompTIA office for the rest of the day until our flight home in the evening.
May 14, 2009
My Day On Capitol Hill
This is a long post, but there is a lot to cover, from what was an incredibly busy day yesterday. On Wednesday, May 13th, I had the opportunity to spend the day on Capitol Hill in Washington, DC lobbying congress. This was a new experience for me and something I was very excited to participate in. The day was organized and run by the public policy staff of CompTIA, the Computing Technology Industry Association. CompTIA is the global IT trade association, of which Jenaly is a member, and states its mission as that of “Advancing the global IT industry.”
I was one of 19 owners of IT services businesses from around the country, along with 7 CompTIA staff to attend several meetings and it was both an encouraging and fascinating experience. As the day moved on, three primary themes emerged. Perhaps to no one’s surprise, Health Care was the hot topic of the day, followed by small business access to economic stimulus funds and cybersecurity issues. One other theme that deserves mention is that everyone we met with encouraged us to contact our members of congress, either by phone, letter or e-mail (e-mail is most efficient). Every members office logs these contacts in a database and this information is reviewed with the member monthly, so they know what their constituents are concerned about. Without exception, everyone we met with says that these contacts make a difference, so I encourage you to contact your elected officials.
We began our day with a presentation from the Counsel for Science Policy for the Senate Commerce Committee. He spoke with us about a pending cybersecurity bill being sponsored by Senator’s Rockefeller and Snowe (from neighboring Maine). One of the key components of this bill is the creation of the office of the National Cybersecurity Advisor in the White House, for strategic oversight of cybersecurity policy and implementation. A theme we would continue to hear throughout the day was the belief that without this high level strategic position, directly reporting to the President, that implementation and enforcement of any passed legislation in this area would be difficult, if not impossible. From what I learned, it appears that any federal cybersecurity legislation, at least initially, will be focused on federal government systems and critical infrastructure systems, a catch-all term that refers to the national power grid, telecommunication networks and financial systems. At least for now, it does not appear that this federal legislation will impact small or medium sized businesses, though the potential and intent does seem to be there.
As it relates to you, this concerns me for several reasons. Currently, several states are adopting sweeping cybersecurity measures. Our neighboring Commonwealth of Massachusetts has enacted perhaps the most stringent privacy and data security legislation in the country and other states are watching this very closely. From what I learned this week, there are roughly 18 states that have some form of cybersecurity laws on the books, but by far, the Massachusetts law is the most restrictive and imposes the heaviest penalties for non-compliance. In our discussions with various Committee Counsels, I stressed the point that I feel it is critically important for any federal legislation to set realistic standards and best practices, with collaborative input from the IT industry, that state legislation will conform to. Otherwise, we run the risk of having states enact 50 different sets of requirements that will unfairly burden the business community. Imagine if you had to change how you store or communicate information depending on which state your customer may be in. It could create a huge financial, regulatory and compliance burden that would limit economic growth at a time when we are trying to stimulate growth. However this plays out, if you deal with any personal or sensitive data, you are hopefully encrypting that information and not using unsecured e-mail to communicate anything sensitive. If you are not doing this currently, the time to secure your systems is now, before laws are in place that could penalize you financially, for not doing so.
I also had the opportunity to meet personally with Congresswoman Carol Shea-Porter’s Legislative Director, Mr. Robert Moller. Throughout the day, and specifically during this meeting, I was impressed with the sincerity of the reception we received. I went to this meeting with four specific items to discuss and without going in to too much detail, Mr. Moller, took copious notes, offered ideas and recommendations for follow-up and asked me to follow-up with him directly, to let him know how I make out. To me, this is what participatory government should be. I was impressed. Knowing that Congresswoman Shea-Porter is interested in sustainability issues, we spent some time talking about our Green IT initiatives and the work of our own local Green Alliance. I encouraged Mr. Moller to really watch and engage with the Green Alliance as I sense this could be a model for other communities around the nation and something we are fortunate to have available to us here in our local community.
All this brought me to 10:30 AM on this very busy day, so you can get a sense for the pace of DC when you are there for a specific purpose. It’s a vibrant place. Our next meeting was with the House Oversight and Government Reform Committee and we met with the Chief Counsel for Policy. This meeting also focused mostly on the pending cybersecurity legislation as well as health care reform. At lunch, we heard from a speaker from the Small Business Administration who discussed the current credit crisis and how the SBA will be using stimulus funds to help ease credit issues for small businesses. The banks are still the driving force behind the easing of the current credit crunch, but the SBA is marshalling resources and new programs designed to help the business community as best it can. There are encouraging things coming. If this is an area of concern for you, check www.recovery.org frequently as this is the central resource that several people referenced.
Our next meeting was with the senior aide to Maine’s Senator Olympia Snowe of the Senate Commerce Committee. This was our most challenging meeting as it took place in the Senate Cafeteria, which is a very loud place. Congress was in session throughout the day and numerous groups were on Capitol Hill lobbying, so meeting space was at a high premium. This was our most technical meeting, mostly discussing cybersecurity.
Our final meeting of the day was with the House Committee on Small Business with the chief counsel, healthcare counsel and procurement counsel. This meeting focused mostly on healthcare reform. As we heard throughout the day, there is a general feeling that meaningful healthcare reform will be passed this year. I thought it telling that the healthcare counsel commented that if you asked him a month ago, what the odds were of meaningful healthcare reform, he would have responded “slightly less than 50/50.” However he now feels very confident that we will see some type of meaningful reform passed in to law. He said the key constituencies have all come on board, including the insurance industry, which as you can imagine, is critical to making this work. While no one could share details of exactly what this reform will look like, the general sense of optimism and eventuality was very clear.
Here's a great picture of CompTIA Director of Public Policy, Lamar Whitman, preparing us for our meeting in the House Small Business Committee Hearing Room in the Rayburn House Office Building, shortly before the Counsel's arrived.
Perhaps the most insightful moment of the day came as we were walking off Capitol Hill shortly after 5 PM, which I will paraphrase as best I can. One of the CompTIA staffers said “I have not seen this city so busy in years. Ever since the inauguration, people have been coming to DC to talk about their concerns and raise their issues. Regardless of your politics, we have come through some very hard years and there is a growing sense that all the talk of change and hope is not just talk, it’s really happening.” I think that sums up my day perfectly.
I want to personally thank CompTIA, specifically Todd Thibodeaux, CEO, Bob Kramer, Vice President for Public Policy and Mike Wendy, Director of Public Affairs for coordinating this day and inviting me to participate. I appreciate the opportunity and came back with ideas and information that will help our business and our clients. There are many other CompTIA staffers and members to thank as well, including Chris, Lamar, Ted and Tom, to name but a few. I'm sure I'm neglecting to mention others, but I assure you the omission is not intentional.
Thanks for reading this long post!
May 09, 2009
Mr. Shoer Goes To Washington
I know, bad play on a famous movie title, but I am very excited and proud to be participating in a congressional lobbying day in Washington, DC this coming Wednesday, May 13th. I have been invited, along with 16 other similar companies from around the country, to join CompTIA in DC to meet with several committees and hear from some very interesting speakers.
We will be meeting with theSenate Committee on Small Business & Entrepreneurship, the House Oversight and Government Reform Committee, theSenate Commerce Committee and the House Committee on Small Business. In addition, we will hear a presentation from a business development specialist from the Small Business Administration. I am also, personally, looking forward to a private meeting with the Legislative Director for our local New Hampshire 1st District Congresswoman Carol Shea-Porter.
I expect many of the discussions to focus on health care, access to federal stimulus funds and cyber security issues, to name a few. My understanding is that these meetings will be pretty free flowing and the topics may change as the discussions take root.
I am most interesting in discussing pending legislation's, federal and state, that may impact our clients and if some of these IT related mandates do become law, will our clients have access to stimulus funding to implement the proposed requirements. I'd also like to know where the health care debate is headed and what positive developments we can expect for our staff. I don't know any other industry that consistently raises its rates double digits year after year. If we did that, I doubt we'd have the client loyalty we enjoy today.
If there are things you may be interested in that I can look into for you while I am at Capitol Hill, please let me know. I have a ton of reading to do this weekend to get prepared. This is my first visit to Capitol Hill in this capacity and I am really looking forward to it. Thanks to CompTIA for making opportunity available to its membership. This member truly appreciates your efforts.
May 07, 2009
Our Social Networking Activities
Jenaly Links
Recent Posts
- 7 Lessons Entrepreneurs Can Learn from the Navy SEAL's
- Make Sure You Have Backup For Your Cloud Strategy
- It's Not just the Droid Incredible...
- Follow up to the Droid Incredible Review
- The Incredible Droid Incredible
- Tech Talk: The increasingly intelligent 'smartphone'
- Blog : Jenaly Technology Group shows how to “Green I.T.”
- Is 'green IT' living up to the hype?
- Latest Article Published - Securing your data goes beyond the obvious
- Windows 7 Has Impressive Repair Capabilities That Saved Mother's Day
Recommended Reads
July 2010
| Sun | Mon | Tue | Wed | Thu | Fri | Sat |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | ||||
| 4 | 5 | 6 | 7 | 8 | 9 | 10 |
| 11 | 12 | 13 | 14 | 15 | 16 | 17 |
| 18 | 19 | 20 | 21 | 22 | 23 | 24 |
| 25 | 26 | 27 | 28 | 29 | 30 | 31 |
