The tyranny of federal IT

Another View | Guest commentary: Until we recognize the tyrannical side to government IT, we'll never fully deliver on its promise

Warren Suss

There's a tyrannical side to federal information technology. Until we recognize this and bring it into the open, we'll never fully deliver on the promise of government IT.

I'm not talking about the important but well recognized problems that can plague any IT project ' cost overruns, schedule delays, technical problems, requirements creep and uncontrolled scope shifts. These are often deadly, for sure, but they don't represent tyranny ' they reflect weakness in project management and lack of discipline in requirements analysis and system development processes and procedures.

I'm talking about the type of tyranny that occurs when agency headquarters IT organizations impose poorly designed systems, counterproductive policies, and cookie-cutter solutions on component organizations without fully understanding those organizations' requirements and ' worse ' without adequate organizationwide consultation and coordination.

Let me give three real-world examples.

The network that drove users to FedEx: A federal agency has widely distributed field offices that need to collaborate on a daily basis using large data files. They also frequently need to share their information with external corporate partners. Headquarters establishes a policy to fight rogue networks. All field offices are required to use a single agencywide network designed for low-bandwidth administrative applications. The administrative network can't handle the load created by so many field offices shipping large files. Network performance plummets. Then, after a security breach on a public agency Web site, headquarters cuts off network access for all nongovernment users, including corporate partners. The result? Instead of using the agency network for efficient, real-time information sharing, field offices are forced to burn CDs and ship them to colleagues nationwide. Collaborations that should take minutes now take days. Information security protections promised by closing rogue networks are substantially diminished by unscanned rogue CDs being loaded multiple times on the network. FedEx bills go through the roof.

The certification and accreditation process that turned back the clock: After some high-profile security problems, a federal agency decides on strict enforcement of certification and accreditation (C&A) rules. They make no distinction between high-security and low-security environments in applying the strict new rules. When new computers are delivered for use by low-security components of the agency, the central IT organization's contractors erase mainstream commercial programs widely used throughout other parts of the government from the disk drives because they haven't yet gone through the agency's strict new C&A process. Instead, the agency installs previous-generation programs that have agency C&A approval before the computers are reshipped to user facilities. Costs go up to pay for the application downgrade and hardware reshipment, and low-security agency component elements are forced to work with inefficient, outdated programs.

The app that ate productivity: A federal agency decides to establish uniform administrative applications throughout the department. They determine that an application developed by one subagency will become a departmentwide standard. Many IT managers question the value of this one-size-fits-all application. After the system is deployed agencywide, subagency administrative employees discover that it locks up when data is keyed in. The system architecture, designed for a local-area network, operates inefficiently on a wide-area network. The inefficient system ties up scarce administrative resources and yields little perceived value.

These examples are important because we are entering an era of tight budgets, when agencies governmentwide will be looking for efficiencies through centralization. Centralization can bring important benefits and cost savings, but it can also lead to the dangers of IT tyranny.

Unless we take a thoughtful approach to efficiency, we won't just fail to deliver value to subcommunities of users, we'll undermine the good things they are doing on their own. If we're not careful, for every dollar gained through server consolidation and centralized help desks, we'll lose ten dollars by undermining productivity in the user community.

The relationship between headquarters and component organizations is one of the darkest corners of federal IT. If heavy handed, top-down IT policies and procedures hurt rather than help, the next time representatives from headquarters come knocking, managers from the component elements will run the other way or will figure out how to delay or undermine headquarters initiatives.

In the federal government, the 'point of the spear' ' the organizations that fight wars, deliver service to citizens, and perform other critical mission functions ' are the organizations at the tactical edge, not at headquarters. That's why headquarters IT organizations always need to support and empower their sub-agency elements, not tyrannize them.

There's hope. The three examples of Information Tyranny above have been resolved. In all three cases, senior agency executives, after being alerted to the problems, implemented effective technical and procedural solutions. Equally important, they are winning back the trust and loyalty of their component elements by improving IT governance processes and promoting user-centric corporate cultures.

When headquarters focuses on helping their components develop innovative solutions to real problems, when they assist them in commanding resources, when they do battle to eliminate 'one size fits all' policies if one size doesn't fit all, they will win the support of component elements for sensible efficiency measures and necessary security policies. With improved communication, better governance and a culture focused on support rather than dominance, we can fight IT Tyranny and win by getting tangible results for our user communities and our nation.

Warren Suss is President of Suss Consulting, Inc., headquartered in Jenkintown, Pa. He can be reached at warren.suss@sussconsulting.com.

About the Author

Warren Suss is president of Suss Consulting, a federal IT consulting firm headquartered in Jenkintown, Pa.

inside gcn

  • IoT security

    A 'seal of approval' for IoT security?

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group