Like a driver who’s not paying enough attention, a software bill known as the SAMOSA Act has passed the House.

The delicious-sounding “SAMOSA” stands for “Strengthening Agency Management and Oversight of Software Assets.” If passed, the bill will require each agency’s chief information officer to provide software assessments that include:

• An inventory of “the largest software entitlements of the agency,” separated by provider and category
• Entitlement data, like fees or additional costs for the use of cloud services “not included in the initial costs of the contract agreements or arrangement”
• A list of provisions that restrict software use, like data access and cloud providers

The bill also requires agencies to develop a plan to consolidate licenses and adopt enterprise license agreements to reduce costs.

Expense expanse. Each year, the federal government spends more than $100 billion on IT and cyber-related investments, according to the US Government Accountability Office (GAO). The GAO also noted in its January 2024 report that the most widely used and most expensive software used could not be determined across the 24 agencies due to inconsistent, incomplete license data. “For example, multiple software products within license agreements were not separately priced,” the GAO said in its January study offering agency recommendations.

Read the rest here.—BH

Amazon Web Services (AWS) says it has given its data centers a glow up to keep up with AI innovation.

During the cloud service subsidiary’s annual learning conference, re:Invent, it revealed that several changes had been made to the components in its data center facilities in a bid to support the “next generation” of AI.

What’s new? One of the newly announced changes includes “simplified electrical distribution and mechanical systems” within the company’s facilities that would reduce the number of racks that can be impacted by electrical issues by 89%. The company said some of the ways it has taken such measures include “bringing backup power closer to the rack and reducing the number of fans that are used to exhaust hot air.”

The cloud subsidiary added that it is tapping new mechanical cooling solutions for its new and existing data centers and that it will be able to reduce the amount of available energy that is unused or underused, typically known as stranded power, in order to make better use of its available energy.

Read more here.—BM

The decades-long battle against bad passwords might be heading the wrong way in part because many users overestimate how savvy they are, per a recent survey by security firm CybSafe and the National Cybersecurity Alliance.

According to the report, many people have failed to put basic password hygiene into practice. For example, 40% of respondents said they use “single dictionary words or names” as passwords, while nearly as many (35%) include some degree of personal information. While 65% reported using unique passwords across important accounts, 18% of respondents said that was only the case half the time—and 17% reported using unique passwords a minority or none of the time.

While 54% of respondents said they had used a password manager—up 10% from the prior year’s edition of the survey—around 14% said they had given up using them. All told, 39% of the respondents said they just didn’t trust password managers.

Oz Alashe, CybSafe’s founder and CEO, said IT security teams need to do better at communicating not just the benefits of security tools but the mechanisms they use. For example, the survey found a widespread perception password managers do little to enhance security; 48% of respondents who had never used or abandoned them said they wouldn’t stop cybercriminals.

Keep reading here.—TM