Act quickly, OMB
- By Thomas R. Temin
- Jul 30, 2003
Thomas R. Temin
Buying and installing technology can be done quickly. Crafting policies to avoid uninteroperable systems can take an eternity.
Congress is worried that agencies are moving too slowly on securing their systems. But at the same time, the Office of Management and Budget is directing agencies to ease up on buying security products because there is no governmentwide approach.
Talk about damned if you do, damned if you don't.
Several years ago, the General Services Administration awarded the Access Certificates for Electronic Services contract to give agencies a vehicle for buying authentication certificates. Early on, ACES was basically a nonstarter. Too few knew the implications of digital certificates or how they worked.
Now, online services have multiplied'in large measure because of OMB initiatives pursuant to the President's Management Agenda.
Managers are more familiar with authentication technologies than they were five years ago. They also are more sensitive generally to privacy and security issues.
The result? The ready-made ACES contracts are getting business. As GCN reported last month, more than a dozen agencies have placed orders through ACES. Meantime, the military is deploying smart cards'willy-nilly in the eyes of OMB.
The administration has reacted by strongly suggesting agencies stop such purchases until a new governmentwide policy is established or they get the OK from OMB's handpicked e-authentication group.
The overseers are, quite properly, concerned that these systems work across agencies. That's not guaranteed if agencies simply buy certificates and authentication services from ACES vendors.
Few managers want to stick their necks out in defiance of OMB. Yet they don't want their projects to come to an indefinite standstill when authentication products are, after all, available now.
Therefore, the pressure is on OMB to finish its policy quickly'lest e-government itself hits the skids.