California Security Chief Aims to Secure Social Networks, Teleworkers

Comment

Mark Weatherford, chief information security officer, California

Aug 31, 2009, By Steve Towns, Editor

In 2008, Mark Weatherford became California's chief information security officer (CISO). He directs the state's Office of Information Security, which is responsible for ensuring the confidentiality and security of state government computer systems and information. Before going to California, Weatherford served as CISO of Colorado.

What's at the top of your priority list?
The biggest thing I'm working on right now is a strategic plan that will lay out where we're going to take the state in the next five years. I'm aligning that very closely with [state CIO Teri Takai's] strategic plan, which she released earlier this year. We're also creating a new complement of state enterprise security policies. State agency CIOs tell me that's what would help them the most - consistent policies that let them know the direction the state is heading and what's expected of them.

How are you dealing with use of social networks by state employees?
Most of the issue is going to come down to how employees take advantage of social networks and how they do it in a way that doesn't compromise the state in any fashion. I think it's very important that California leads the way in some of these things. We're going to jump out in front of this and get something in place that allows state employees to use social networks. It's going to be my job to figure out how we can safely and securely implement these technologies in state agencies because in a couple of years we're not going to have this discussion anymore. This is going to happen. We just need to make sure we're doing it properly.

Video: California CISO Mark Weatherford discusses social networks and other security challenges.

How will you ensure security for remote workers?
The state is taking a two-pronged approach. There is the human resources component of teleworking, which is not really my bailiwick, but there are also the security controls. You need the proper security controls and security devices in place to make sure you're doing telework appropriately. We've been working on that. We're in the final stages of vetting a security standard for telework.

Can you improve security by demanding more secure products from vendors?
We're discussing that right now. We're talking with Microsoft about creating a California standard desktop configuration, so when we then go out to our PC providers, we just tell them what operating system load we want. We would get a hardened operating system right out of the box, so of the hundreds of different variables available on an operating system, it will come locked down and hardened.

Latest Government Technology News

California to Test Fingerprint, Photograph Devices on In-Home Care Patients - Mar 19
California IT Security Officials Still Wary of Cloud Computing - Mar 19
FCC Launches Beta Version of Spectrum Dashboard - Mar 19
Web Chat Helps Virginia Reduce Phone Calls About Tax Questions - Mar 18
Utah, Los Angeles Share Cloud Computing Tips - Mar 18

Industry Solutions for Government

Read real world deployments of technology in government from our sponsors.

View All Industry Solutions

Marketplace

Get Public CIO's Bi-Weekly Newsletter

Take our Identity
Lifecycle Management (ILM) Survey

Can your organization keep pace with its growing demands while enforcing security controls?

Take Survey Now!

Mainframe

White Paper: The Mainframe Opportunity IT Strategies For Achieving Breakthrough Value: Forrester conducted interviews with CIOs/CTOs of mainframe users in the US and Europe to better understand their strategies in the use of the mainframe.
Strategy Paper: CA's Mainframe 2.0 Strategy Roadmap: Fully capitalize on the potential value offered by the mainframe as the availability of mainframe professionals becomes increasingly constrained.
MF 2.0 Product Brochure: Mainframe 2.0 is CA’s new and far-reaching initiative that is changing the way the mainframe is managed forever.

Cybersecurity

IDC White Paper - Identity Lifecycle Management: Bringing Together Security, Identity and Compliance: Read this to learn about the technology and best practices needed to manage your identities throughout their lifecycle.
I Am Who I Say I Am: This paper discusses the drivers, responses and challenges associated with information security in Government.
Simplify and Secure: Managing User Identities Throughout their Lifecycles: Find solutions that simplify, automate and secure the activities for creating and modifying user identities and roles throughout the organization.

Virtualization / Cloud Computing

White Paper: Integrated Infrastructure and Performance Management for Virtualized Environments: Government agencies use virtualized environments to decrease costs, consolidate data centers and reduce environmental impacts.
CA Virtualization Management: CA Virtualization Management solutions provide integrated end-to-end management, automation and security which drive better outcomes.
Working Together to Maximize Business Value of Your IT Investments: VMware and CA have responded to your requirements by forging a solid partnership focused on your enterprise's needs.

Project and Portfolio Management

A Life Cycle Approach to Grants Management: Using project management at every stage of grant administration can maximize funds now and for the future.
A Platform for the New Transparency: Meeting the Challenge of ARRA Grants Management in State and Local Government: The sheer size of ARRA and new grant opportunities has had a tremendous impact on the workload of grants management staff. But the size of the program is only part of the story.
Success Stories: IT Governance: Making the Difference in Cities, Counties and States: Decision-makers need to align IT projects with organizational goals. See how three agencies achieved this.

Government Jobs

Browse hundreds of public sector career opportunities in GovTech's new jobs section. Popular job searches: government IT, public safety, GIS, transportation, CIO, security, health

Magazines: Magazine Sites, Government Technology, Digital Communities, Public CIO, Emergency Management, Advertise

Resources: Site Map, Search, Events,
Video, Government Articles, Slide Shows, Case Studies, Privacy Policy, News Feeds (RSS), MyGT

Email Newsletters to Stay Informed: Executive News, Digital Communities, Emergency Management, Public CIO, Security, Justice and Public Safety, Webinars.

twitter

Government Technology Magazine

Government Technology Magazine provides information technology (IT) case studies, applications, news and best practices for state, city and county government.

Get FREE Subscription

Emergency Management Magazine

Emergency Management Magazine provides technology news and solutions to the local government authorities that help protect our communities.

Get FREE Subscription

Public CIO Magazine

Public CIO Magazine provides technology news and solutions to public sector C-level technology executives.

Get FREE Subscription

Digital Communities Magazine

Digital Communities Magazine is the premier information source for cities, counties and regions to explore and share experiences and best practices beyond just infrastructure and mobile innovations.

Get FREE Subscription

March 2010 GT Cover/Cover by GT Design Department

EM Jan Feb 2010 Cover/Photo by iStockphoto

PCIO Feb March Cover/Photo by Terence Brown

California Security Chief Aims to Secure Social Networks, Teleworkers

Latest Government Technology News

Industry Solutions for Government

Related Products and Services

Marketplace

CA RC Q1 2010 Resource Center

Take our Identity Lifecycle Management (ILM) Survey

Mainframe

Cybersecurity

Virtualization / Cloud Computing

Project and Portfolio Management

Government Jobs

Government Technology Magazine

Emergency Management Magazine

Public CIO Magazine

Digital Communities Magazine

Take our Identity
Lifecycle Management (ILM) Survey