IT AGENDA 2009
5 technology waves to ride in 2009
How agency IT shops can tackle new mandates despite shrinking budgets
WELCOME TO 2009. It’s time to ring in the new presidential administration.
Through a series of well-thought-out mandates from the Office of Management and Budget, the departing Bush administration brought considerable order to federal information technology shops. But now the Obama administration wants to shake up agencies even more. It has promised that the federal government will use technology more than ever to offer services and bring transparency to government agencies. Guess whose plate that work will fall on?
“This is a technology administration,” said Patrick Finn, a Cisco Systems vice president for U.S. federal operations.
The good news for those who wish to rest for a while is that agencies won’t face any changes for some time. “It usually takes a significant number of months before an incoming administration can have clear and present effects,” said Ray Bjorklund, senior vice president and chief knowledge officer at market researcher FedSources Inc. However, agencies that anticipate the administration’s agenda with tests and updates to existing systems will be ahead of the game.
The new administration’s agenda will be only one of the factors agency chief information and chief technology officers must grapple with in the upcoming year. They also must manage shrinking budgets — because of a ballooning deficit — ever-evolving security threats and the ever-changing nature of the IT landscape.
The most dedicated officers are keeping an eye on all these tasks. In January, the Government Printing Office will formally launch its new public government electronic document repository, called Future Digital System (FDsys). In development for 41⁄2 years, FDsys “has been positioned so it can anticipate the needs for transparency and a lot of the initiatives that the Obama team is looking for,” said Mike Wash, GPO’s CTO.
Like GPO, agencies could anticipate the plans of the new administration and hit other agency milestones, too. Here are five technology trends that will help you accomplish that task this year.
1. Green IT
Last summer, as the presidential campaign heated up, gas prices soared. And as a result, then-presidential candidate Barack Obama made ambitious promises to fund the development of energy-saving technologies and promote more efficient energy use in government agencies.
“Obama does intend to keep his campaign promises around a better environment, greener approaches to all kinds of things,” said Tom Simmons, who leads federal sales at Citrix Systems.
Although many of the initiatives will not immediately affect IT, per se — such as making buildings more energy efficient — IT will not be safe from scrutiny. “In some agencies, the largest consumer of energy is the IT department,” Simmons said.
So in 2009, expect to see more emphasis on technologies that can help reduce energy bills.
One of them is virtualization, a technology many agencies have already started to embrace. More use of virtualization products from Citrix, VMware, Microsoft, Sun Microsystems and others is likely in 2009. “Virtualization’s [purpose] is to reduce the number of servers that are pulling energy.
By virtualizing [them], you reduce the footprint, therefore you reduce the requirement for cooling,” Simmons said.
Another technology that will likely get greater play is cloud computing. Cloud computing promises to move the burden of support IT infrastructure, namely by outsourcing computational and data storage services to third parties who could pool resources and use energy more efficiently.
“Everybody in government is talking about clouds,” said Bill Vass, president and chief operating officer at Sun Federal.
“It is getting significant traction, but the issue we’re running into with our government customers is that the commercial clouds aren’t meeting their basic needs,” Vass said. Commercial vendors such as Amazon don’t pay heed to government compliance standards, such as archiving schedules. However, expect to see more government-focused cloud offerings in the upcoming year, he said.
Another technology on the rise is virtual meeting software, though the growing use of this software might be caused by restricted budgets as much as a desire for energy- savings. “Budgets are absolutely going to be impacted, with record deficits,” Finn said. “I think you will see a demand for more fiscal responsibility from all budget owners in governments. Travel budgets are one of the areas that are discretionary.”
More organizations will likely use virtual from Cisco’s TelePresence systems to more economical Web meeting software, such as Citrix’s GoToMeeting, and collaboration tools, such as Microsoft SharePoint.
2. Web 2.0 and beyond
Government transparency is one of the Obama administration’s top goals. The public wants to see what the government is doing and how it is being done. The best tool for sharing this information is the World Wide Web. The new administration is expected to primarily use Web technologies to make the government more transparent, Simmons said.
“President-elect Obama took social networking to a new level during the campaign, using Facebook and MySpace, wikis, and other things to help communicate and connect with citizens in a way that is entirely different than the way it was done before” said Haywood Talcove, chief executive officer of LexisNexis Special Services. “It changes the way democracy is implemented because it gives people more of a way to interact.”
Web 2.0 technologies such as social-networking tools are nothing new for government. During the past few years, OMB has set up a wiki for Congress to help craft the annual budget, and a few agencies, including military and intelligence organizations, have used similar tools.
The trick for agencies is to fit freewheeling social technologies to the more controlled world of government bureaucracies by having them comply with archiving and security mandates already in place. “There were people on the transition team using social-networking tools. Bjorklund said, “Those are wonderful tools for a purely social environment and little less so for a professional environment. In time, they will become very useful.”
Another challenge is making sense of the data. It’s not enough to merely post the congressional budget wiki. The average user needs to know what they are looking at. Users will increasingly see analysis and reporting tools, most of which are already Web-enabled, accompanying the public presentation of data, said Teresa Carlson, who leads Microsoft’s federal government sales and operations. She said agencies must decide what data to post and how to post that data.
“The state of the art that people are coming to expect is to do a Google search and come up with what they are looking for with the first hit,” said Owen Ambur, a former cochairman of the CIO Council’s XML Community of Practice and co-author of the Strategy Markup Language (StratML). “You can’t do that when it is buried in a 150-page PDF that has three pages of graphics before you get to any text at all.”
Last month, Ambur posted a version of the Obama agenda in the StratML format so citizens, lobbying and advocacy groups, and others could easily parse it. Instead of organizing social-networking tools around people, as LinkedIn does, they could be organized around objectives.
3. Identity management
The most venerable cornerstone of government paperwork is slowly becoming a thing of the past: the written signature.
In October 2008, President George W. Bush used a digital signature to sign the 2009 budget. The secure log-on to the laptop PC he used, employing the two-factor authentication mandated by Homeland Security Presidential Directive 12, assured the validity of the signature.
The digital signature “was a great success for us and the country and a good demonstration that these kinds of tools are commonplace and accepted,” GPO’s Wash said.
Agencies’ compliance with HSPD-12 has established the framework for electronically managing crucial operations that require proof of identity, such as signatures. This year, they will have more ways to use this framework to establish authenticity in government affairs.
“The government is creating a lot of jobs and that means you will have a lot more people coming into agencies and a lot more churn. Identity management will have to be managed,” said Fiona Pattinson, director of business development and strategy security testing company atsec. This means adding new accounts for new employees, deleting accounts as employees leave or are transferred and coordinating accounts across different systems.
GPO’s FDsys will rely heavily on authentication. “We will have the capability to receive electronic information from the agencies and Congress that is digitally signed, so there is assurance that it hasn’t been altered or corrupted in any way,” Wash said. “Once it gets into GPO, we put it into the information management systems, and we will offer digitally signed versions of the data.”
4. Security: Defense in depth
In December 2008, the Commission on Cyber Security for the 44th Presidency, a panel of government and industry experts, released its recommendations for the incoming administration. The prognosis? A new National Office for Cyberspace needs to oversee security. Whether such an office is enacted, the message is clear: Despite agencies’ efforts and cross-agency efforts such as the Trusted Internet Connection initiative, security remains a serious concern.
“Security will continue to be important,” Bjorklund said. Unlike other challenges, security can’t be solved simply by the application of money. “The threat continues to evolve. There are people out there who know how to keep moving that threat forward.”
The next step for agencies may involve thinking about security in a broader fashion. “When you are doing your overall architecture, [at] every layer of the architecture you must ask yourself: Where is the security?” Microsoft’s Carlson said. “What are your policies? How do you have this configured?”
“The focus does need to be [on] infrastructure,” Finn said. “I think you will hear a lot more on policy around security. It’s not just going to be the latest technology but how do we actually look at this in the context of creating a secure infrastructure.”
Vass suggested that defense-in-depth plans will become more prominent. “If you can’t adequately protect the endpoint, then don’t. If you can’t adequately protect your network in one layer, then don’t,” he said. Instead, multiple security technologies can be layered on one another to provide an impenetrable barrier.
Although the Obama team used technology heavily in the campaign, how the administration plans to use technology once in office is still open to question. One clue could be in a November 2007 position paper released by then-Sen. Obama, “Connecting and Empowering All Americans through Technology and Innovation.” Technologies could help in government transparency, health care and universal access to electronic information, the paper asserts.
“In almost every case, these ambitious goals may only be achieved through the implementation of standards,” said Massachusetts- based standards attorney Andrew Updegrove. The federal government will never decide on one vendor or one technology for any of its needs. As a result, interoperability is necessary, and that, in turn, requires standards.
“We’ve tried to incorporate as much standard technology as we could” with FEDsys, GPO’s Wash said. “We didn’t want to create a closed and proprietary system. We went after [commercial software packages] and configured them through an integration process.”
He said standardization can also help if an agency must replace a component in the system. The old product can be removed and the new one installed easily because they both work with the same standardized interfaces. Without the interoperability, the agency gets locked into the vendor and the software maintenance costs can skyrocket, Vass said.
Standardization can also be critical in the reuse of software developed specifically for, or by, government, Vass said. Many agencies commission the development of similar software instead of looking at what other agencies have already commissioned. “What we need to do is to have an incentive system that rewards reuse,” Vass said.
To be sure, government agencies already heavily use standards, including those developed by outside international bodies and in government through the Common Criteria program and the Defense Department’s 5015.2-STD program for records management systems. Although Common Criteria and 5015.2 are mandatory only on specific systems, they are increasingly being used by additional agencies for procurements, Microsoft’s Carlson said.