Wednesday, January 11, 2017

Figs, mushrooms, maybe meatballs. Go Code Colorado 2017!

YES!

It’s time for Go Code Colorado, one of our favorite parts of the year. It’s a Colorado competition that invites developers and entrepreneurs to use public data to build apps that create business intelligence. It’s so, so, so much more than a hackathon. It’s an opportunity to meet new people, learn something new, and help build a stronger Colorado.

Each year, the Go Code team announces the challenge statement at their killer kick-off party. This year, it’s at Galvanize Golden Triangle on Wednesday, Feb. 1, at 6 p.m. -- and we’re promised figs, mushrooms...and maybe meatballs. Oh yeah, and Great Divide beers! How could you miss it? Register for the kick-off event right now and start building your team.

Go Code Colorado hinges on the open data posted on the Colorado Information Marketplace at data.colorado.gov. At the end of the competition the three winning teams receive $25,000 to keep their app and business idea going. Learn more here and let the games begin!


Thursday, January 5, 2017

MacGyver Moment #1: Data sharing for the rest of us

We’ve got a new series for the #StateofCO IT blog to highlight state employees innovating in government—MacGyver Moments!

Our first MacGyver Moment comes from one of the state’s developers Greg Ostravich. Check out his video interview with Digital Transformation Officer Brandon Williams, and read what he says below.



If you've been around technology for a while then you probably remember Microsoft Access Database—a solution that was popular in the 90s enabling customers to easily share data.

At the State of Colorado we have the “big three” of solutions: SalesForce, Perceptive, and Google. These tools are great for large scale projects, but what do we do if we want a solution for a smaller dataset? Or if we want something that doesn't require the licensing of SalesForce or Perceptive? What if we want something that doesn't require in-house developers to come up with a Java solution that runs in the Google App Engine using a cloud-based database?

Well, there is a niche solution that does work for these types of scenarios. Enter Google Sheets.

There are two ways to do this:

  1. The newer option is using Google App Maker, a tool that is still bubbling up. It is a low code way of extending features within Google Apps.
  2. The other option, that I used, is to bind an HTML form and Google App Script to a Google Sheet to create a way for users to search content without having a heavy developer-dependent solution. The solution lives in the cloud, doesn't require any costs for deployment, and allows "read-only" sharing of content for a customizable set of users.
Without going into too much detail, here’s what I did: |

Took a Google Sheet and under the "Tools" menu clicked on the "Script Editor".

From the Script Editor, I inserted a Google App Script (code.gs) and an HTML file.

These two files, which are bound to the Google Sheet, work in conjunction with each other to allow the user to access a traditional HTML form where they type in their search criteria and submit the form. That action runs Google Apps Scripts that walk through the sheet searching for matching data, and then dynamically generates and populates the results in a div that lives on the HTML file that's bound to the sheet. Because it's just HTML, the Google Sheet can even contain HTML (bulleted lists in one example I worked on) and they will render correctly.

I’ve put together this example to show you how it works here.


Thank you Greg for an awesome example of building a technology solution on a shoestring budget, and without an over complicated architecture. What do you guys think?

Friday, December 2, 2016

A new day; a new face!


We've redesigned!

Just a quick interruption to point out our flashy new blog face. We've been a little slow on the posts (so sorry!), but we'll be back next week with new content and a few updates.

Have feedback on the new blog? Email us anytime at oit_website@state.co.us.

 

Monday, October 17, 2016

#StayingSafeWithSocialMedia

Today’s guest blog comes from Merlin Namuth, Director of Standards, Risk, Compliance, and Security with Red Robin Gourmet Burgers, Inc.

Social media sites such as Facebook, LinkedIn, Twitter, Instagram, and Snapchat are great for staying in touch with friends and family, and they’re widely used. They connect people with similar interests to lend support, and share and collaborate on ideas. Other benefits include finding a new job, discovering new friends, asking opinions, and quick information sharing. The advantages are unlimited.

There are dangers you need to be aware of when using social media. People with ill-intent (attackers) use social media sites to steal personal information, commit fraud, and infect your personal computers, tablets, and smartphones with viruses/malware You can take steps to protect yourself and still enjoy the many benefits of social media.

Security Concerns
There are many ways attackers use social media to trick you.
  • Attackers post links in social sites that are malicious in nature. A malicious link may take you to a site that looks like your bank’s website, but really isn’t. The attacker attempts to trick you into entering your login information and banking information on this fake site. 
  • Another example of a malicious link is one that takes you to a site where a computer virus/malware is downloaded and installed on your system. A common tactic by attackers is to create malicious websites that focus on current news events, such as an election, natural disaster, or some tragedy to lure as many people to them as possible. These malicious links are forwarded amongst your social media connections. 
  • Attackers create fake groups to trick people into joining in order to gather information from unsuspecting users. 
  • Sometimes attackers will target someone and create a fake profile. They send invitations to join to the connections of the “real” person. Once people are connected to the fake profile, the attacker will try to trick them into divulging information or click on malicious links. 
  • Attackers look for personal and work information on social media sites. They may try to piece enough information together in order to answer password reset questions on your behalf. If the attacker is successful, your password will be changed along with your answers for the password reset questions. You are then locked out of your account with someone else posing on your behalf. 
  • Posting your vacation pictures while still on vacation tips off the attacker that you aren’t home. The attacker may then target your home for a physical robbery or vandalism. 
  • Posting information to social media sites without any restrictions on who can view your posts will show up in an internet search. This may include information you don’t want the entire world to see.

Protect Yourself
You can take several precautions to stay safe on social media, while enjoying the vast benefits:
  • Educate yourself. Pay attention when social media sites add more functionality, as this may create different security concerns. Most sites have a web page dedicated to security tips specific to their site, such as how to configure multi-factor authentication. Some sites will send a PIN to your phone via a text message. This makes it harder for an attacker to login as you.
  • Change your privacy settings so only your connections can see your list of friends. Hiding your list of friends keeps the attacker from targeting your friends. 
  • Watch out for fake profiles. Recently, I had friend who is in a high profile position become the victim of someone creating a fake profile as her on Facebook. She contacted Facebook about the fake profile and it was disabled within a few minutes. 
  • Use your privacy setting to restrict your posts so that only your connections can see them. This will help prevent your posts from showing up in Internet searches. You can check what is visible on Facebook, for example, with a feature where you can view your profile as someone who isn’t connected to you. This will help you verify your privacy settings.
  • Some applications will ask you to use your social media login. Be very wary of doing this. Attackers create malicious applications where they capture your login information.
  • Cover your webcam when you aren’t using it. There have been instances where attackers have gained access to the webcam via malware and used the pictures captured from the webcam as blackmail.
  • Be wary of clicking on links. When possible, go to a known and trusted site.
  • Don’t use the same password for each site. If your login is compromised on one site, it will then likely stay contained within that one site. I understand how difficult it is maintaining multiple passwords and trying to remember which password you used for which site. There are different password management programs such as Password Safe, KeePass, and Apple Keychain. This isn’t an endorsement for any of them, but just examples of ones out there for free. 
  • Wait until you return from your vacation before posting your pictures. Avoid the temptation of sharing your immediate whereabouts in general, in order to protect your home.
  • Keep the devices you use for connecting to social media up to date with the latest patches. If you inadvertently click on a malicious link, you may be protected with the most current patches from anything bad happening. 
  • Avoid using public WiFi. Don’t use the public computer in the library, hotel and other places, as they are often infected with malware. Attackers can set up fake WiFi networks at these locations and trick your device into connecting to them. Better to use your smart device on your carrier’s cellular network.
  • Be very sensitive of the information you share on social media. Don’t share your birth date, home address, and social security number. These can all be used to steal your identity.
I hope this gave you new ideas for protecting yourself on social media. Enjoy its benefits while keeping yourself safe.
Merlin Namuth is the Director of Standards, Risk, Compliance, and Security with Red Robin Gourmet Burgers, Inc., a casual dining restaurant chain founded in 1969 with more than 540 locations across the United States and Canada.