The move to mobile technology and cloud computing may have begun under the leadership of federal Chief Information Officer Vivek Kundra, but his mission will stay strong with his successor once he leaves office in August.
“It’s the administration that has laid this out, not just Vivek,” said David McClure, associate administrator of the General Services Administration’s Office of Citizen Services and Innovative Technologies at the FOSE trade show on Wednesday.
“It would be difficult to imagine that the IT reform agenda is going to be forgotten once Vivek leaves and a new person comes in,” he added. “This administration has really tied itself to achieving these things. The next person coming in is going to be focused on execution, there’s no question about that, but the execution of this agenda, and whatever is added to this agenda, is still going to come up to moments of trade-off in terms of priorities and how it’s executed.”
One governmentwide trend McClure noted was the move away from having to define and explain cloud computing and its benefits to government agencies.
“The great thing that I’ve seen, at least in the last 24 months that I’ve been in the government, is the tremendous maturity and the understanding of cloud computing,” he said. “Cloud is teaching us that once we free data and we make it more accessible and we make it usable, it’s creating a real thirst for more effective engagement with our citizenry. It’s creating exciting collaboration platforms internally within our organizations on how we share information and make decisions collaboratively.”
To foster the growth of mobile and cloud computing, McClure said security is a barrier that needs to be crossed. “If anything, what we’re going to have to do in the security area is move toward a very robust environment of continuous monitoring, and look at persistent threats and real threats in a very prioritized way,” said McClure.
“We’re beginning to build that into a lot of the work that NIST, the CIO Council, GSA, DHS, DOD have been working on in advancing that more mature posture of agencies in the continuous monitoring area.”
Ron Ross, NIST’s senior fellow, said the wide proliferation of mobile apps creates a significant security issue.
“Most people download these apps on their mobile device, and they don’t have a clue who developed the app,” he said. “Is there a threat vector through that application right back to the corporate network? Those are the important questions.”
Similar to how fraud protection catalyzed the growth of credit cards, Ross said proving mobile security will encourage its growth.
“The same thing is going to happen with all the mobile technologies,” he said. “We’ve got great technologies, but we’re still trying to catch up and figure out how to apply the fundamental concepts that we’ve known for the last 30 or 40 years. The fundamentals haven’t changed, so we’re now trying to figure out how we apply all of these [fundamentals] to these great new devices.”
McClure said that GSA’s adoption of cloud technologies has illuminated additional security concerns. “A lot of the security breaches in government and in the commercial sector have nothing to do with hacking or penetrating systems. It has to do with illegal or unauthorized access to databases or physically stealing something,” said McClure.
“GSA has just moved to a cloud email system, and I can tell you right now, the time and effort that we’ve put into making sure that security is there against attacks – phishing attacks, spam attacks, everything else – deserves a lot of attention,” he said.
McClure said that for security measures to improve, government employees all have to be on the same page with cloud computing and move away from a traditional computing mindset.
“We’re still so entrenched in thinking about our creation of data on websites and on desktop PCs,” he said. “Despite any arguments made about digital divide and the cost of broadband, it is inevitably moving more and more in that direction and we have to think strategically how we are delivering the services of government in that environment.”