The CIO of the U.S. General Services Administration discusses cloud computing, plans for funding innovation with a flat IT budget, and the potential for equipping federal employees with new consumer technologies.
The General Services Administration provides real estate management and centralized acquisition of products and services, including IT services, to other federal agencies. GSA's Office of the CIO, which provides IT infrastructure and support to the agency itself, is managed by CIO Casey Coleman.
As co-chair of the federal CIO Council's Best Practices Committee, Coleman has been involved in the early stages of the U.S. government's cloud computing strategy. Coleman writes a blog, Around The Corner, and she posts regularly on Twitter. In September, she was named to InformationWeek's Government CIO 50.
GSA's proposed IT budget for FY 2011 is $639 million, a 0.8% increase over the current fiscal year. In this interview with InformationWeek's John Foley, Coleman discusses how she plans to find money for innovative technologies with a flat budget, cloud computing, the potential use of consumer technologies in government, and what's on top of her IT project list.
InformationWeek: What are your priorities these days?
Coleman: Our priorities can be summed up in two words: IT modernization. That's a big initiative that covers a lot of specific projects. It's being driven by the idea that we at GSA, as a service provider to the federal government, should be a stellar example of the services available that other agencies can utilize from us, be the best example of 'eating our own dog food.' We have a plan that covers a number of different infrastructure and application-usability issues under the fabric of IT modernization. The goal is to provide our employees and other stakeholders with the tools and capabilities they need to do their 21st century mission.
A couple of projects that are already underway or about to queue up include an agency-wide voice over IP rollout. We have about 10% of our users on VOIP phones and the rest using traditional dial tone service. By moving everyone to VOIP, you take advantage of new capabilities like unified communications, the ability to converge voice and data networks, and we anticipate saving a fair amount of money, perhaps as much as 50% of the $18 million that we now spend on local voice service every year.
Another initiative that is about to get underway is single sign on, or identity credential and access management. What this means is taking the OMB mandate for two-factor authentication--in our case that will be our smart cards, our access badges that are HSPD-12 compliant, plus the PIN, the identity number that goes with that--and using those two factors to get access all of our systems, both physical and logical access, so access into the buildings, onto the network, to the applications and the roles that they're granted. It's not just access, but roles management. That has the dual benefit of improving usability, because users no longer have to remember a dozen or more passwords, but also end user productivity and security. With this system in place, when an employee departs, we can immediately de-provision them and know that they've been removed from all the systems to which they had access, at once. We will know which roles they have access to so that we do not inadvertently grant someone the right to have conflicting or inappropriate roles in different systems that previously would have been authenticated separately.
Other initiatives we're looking at include things like potentially implementing an enterprise-wide business intelligence system. Right now we have business intelligence solutions, but they're in pockets across the agency. There's potentially a lot of value in having an enterprise view of all of our business operations and have dashboards for executives and others. Those kinds of forward leaning initiatives are things we're looking at. Longer term, we're interested in things emerging from the consumer market, like netbooks, smartphones, and mobility applications. We're looking at those kinds of capabilities to see how we take advantage of them in a way that's compliant and secure.
InformationWeek: Federal CIO Vivek Kundra talks about how the consumer market has had an advantage over government users in that respect. Do you get the sense that GSA employees and government employees in general really want these consumer technologies at work?
Coleman: It depends. I believe there's an unquestioned productivity benefit to some of these capabilities. If you have a phone that has voice-activated directions and you're going to a meeting in another building or area of town, it's a helpful tool to have. There are business capabilities that we can tap into. But I'm not sure everyone feels the need. There's no doubt a comfort level with existing tools and processes, but our mission is not static, our workforce is not static, and our technology has to evolve with evolving workforce and mission demands.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.