“Reporter’s Notebook” is a weekly dispatch of news tidbits, strongly-sourced buzz, and other items of interest happening in the federal IT and acquisition communities.
Submit ideas, suggestions and news tips to Jason via email.
A Bush administration veteran is returning to his roots. The Homeland Security Department is losing another IT executive. The comings and goings in the federal IT and acquisition communities never stop.
Jeff Koch, who worked at the Labor Department and at the Office of Management and Budget during the George W. Bush administration, is returning to Labor as the deputy assistant secretary for policy in the Office of Administration and Management.
Sources say Koch will start this week and will focus on performance management areas such as improving services to citizens.
Sources say there is still a lot to be determined about Koch’s role, but it’s part of Labor Secretary Alexander Acosta’s plan to bring back political appointees with government experience.
Koch will work for Bryan Slater, the assistant secretary for administration and management and another Bush administration veteran. Slater previously worked at the Small Business Administration and the White House in the mid-2000s.
Labor still has several top political positions unfilled, including the deputy secretary, the assistant secretary for policy, the director of the Office of Public Engagement and the commissioner of the Bureau of Labor Statistics.
Koch started his executive branch career at Labor as the associate chief information officer working on among other things the Benefits.gov e-government initiative.
He then moved to OMB as an e-government portfolio manager, where he focused on the government-to-government projects such as e-payroll, e-travel and the electronic official personnel file (eOPF).
Since the end of the Bush administration, Koch worked for several government contractors including IBM and YRCI.
Over at DHS, Jeff Eisensmith, the chief information security officer, announced he is retiring after more than 32 years in government.
Multiple sources confirm that Eisensmith’s last day will be at the end of April.
A DHS spokesman said they had no personnel announcements at this time.
He began his federal career in 1985 with the FBI and took a stint in industry working for BAE Systems.
During his time as CISO, Eisensmith led DHS’ return to respectability in the cybersecurity community.
After repeated internal cyber struggles in the mid-2000s, DHS turned the corner with new CIO leadership and Eisensmith complimented those efforts by implementing, among other things, a new cybersecurity maturity model that focuses on risk management.
In the Reporter’s Notebook earlier this month, we told you Mike Hermus, the DHS chief technology officer, is leaving March 2. We know now that Kevin Wince will be the acting DHS CTO. Wince has been executive director for enterprise architecture since June. He came over to DHS from the General Services Administration, where he was the chief enterprise architect.
Sources confirmed that DHS plans to fill the CTO role as quickly as possible.
Finally, Paul Grassi, one of the last employees in the National Strategy for Trusted Identities in Cyberspace (NSTIC) and a senior standards and technology adviser at the National Institute of Standards and Technology, saw his term appointment end and headed to the private sector.
Grassi left NIST in January to join Easy Dynamics, a small business in the Small Business Administration’s 8(a) program. Easy Dynamics is a women-owned small business focused on application development and cloud computing.
NIST announced in 2016 that it was shifting NSTIC to the Trusted Identities Group so Grassi being one of the last NSTIC employees is not altogether surprising.
He said the future of the NSTIC pilots and initiatives is not 100 percent clear and that is something to watch over the next year or so.
Agriculture Department Secretary Sonny Perdue has laid out a new vision for his department called, OneUSDA.
“We are one family working together to serve the American people. And if we are to fulfill our mission — to make USDA the most effective, most efficient, most customer focused department in the entire federal government — we must function as one single team,” Perdue wrote to about 100,000 employees during the first week of 2018.
But Perdue’s words are ringing hollow to many USDA employees after he decided to make what some call arbitrary changes to the agency’s much admired and recognized telework program.
USDA’s new policy requires employees to be in the office four days a week, letting them telework only one day per pay period. The old policy allowed almost unlimited telework and was a key piece of the agency’s initiatives around work-life balance and reducing its real estate footprint.
For many USDA employees, the change flies in the face of creating OneUSDA, and Perdue’s focus on family and efficiency.
“USDA [is] cutting down on telework for all employees — Wow!! Talk about using a hand-grenade to remove a hang-nail,” wrote one USDA employee to Federal News Radio. “This story reeks of poor government decision process. Instead of using data and analysis to get to root causes, just hammer the entire department with severe reduction in telework, so they alienate the staff and eliminate any possible real estate savings from desk sharing or hoteling.”
Federal News Radio heard from more than a half dozen employees worried about the changes to the telework policy.
“People are complaining about suddenly, without warning, having to find pre-school and post-school baby sitters, changing (if possible) trade-off arrangements with spouses, finding car pools and the costs of commuting,” wrote another employee. “Many feel dismissed and ambushed, and are looking for jobs elsewhere.”
|USDA Fast Facts|
|Number of employees||97,289|
|Number eligible for telework||58,635|
|Number of employees teleworking in FY 2016||32,356|
|Percentage of eligible employees teleworking in FY 2016||55%|
|Percentage of employees teleworking in FY 2016||
|Three or more days||9,623|
Source: OPM 2016 Telework Report to Congress
While these and other employees are ringing the alarm bells, the fact is Perdue is well within his right as the secretary to make the changes to the telework policy. He is not forbidding telework, but limiting its usage. And to be clear, telework is not a right, it’s a privilege.
“The appropriateness of the amount of telework suitable for eligible employees is ultimately a determination reserved for supervisors and managers. Decisions as to frequency of telework participation is determined by the nature of the position, duties and responsibilities, supervisory relationship, and mission criteria,” the new policy states. “When telework is used to address space availability restrictions, such as in the use of hoteling or desk sharing, a mission area, agency or staff office head may approve telework exceeding 2 days a pay period on a case-by-case basis. When telework is used to ensure mission functions continue to be performed during a wide range of emergencies, including localized acts of nature, accidents, and technological or attack-related emergencies, a mission area, agency or staff office head may approve telework exceeding two days a pay period on a case-by-case basis.”
One USDA official, who requested anonymity because they didn’t get permission to speak to the press, said while they see the benefits and drawbacks of telework, Secretary Perdue initiated a major reorganization effort that the old concepts of mission and success are changing for many people.
“I can make the argument that it doesn’t matter where you work, but I also can make the argument that in-person teams matter, especially when you are reorganizing the agency,” the official said. “At times it feels like we are so accommodating that we don’t get anything done because we shy away from making a tough call because someone will not like it or not feel included. At times it feels like pendulum has gone too far where there is too much carrot and not enough stick. Maybe this is too much stick and not enough carrot, but we are being asked to increase the focus of driving mission and on customers. That is hard work. This doesn’t happen successfully in the federal government if the boss isn’t saying this is what we want to do and drives hard toward that goal. Usually in the federal government things start to fail when they get hard.”
A USDA spokesman said in an email to Federal News Radio the decision to change the telework policy comes from feedback from employees reflecting longstanding concerns about the previous policy.
“This went to mission area human capital officers and agency heads, who circulated it internally through their program staff. It was also submitted to the national unions for their comments,” the spokesman said. “USDA’s telework policy is designed to be responsible to the taxpayers and responsive to the customers who depend on our services. It is also respectful of our fellow employees who come to work each day.”
The change that Perdue is leading isn’t easy and the old adage that “change is hard” definitely applies. Perdue seems to recognize that change management is necessary in his message to employees from early January.
“So every change we detail today and in the weeks and months ahead is to make us function as one single team. I will be forthright with you. Some of these changes may be drastically different than the old way of doing things, and that’s OK.” Perdue wrote to staff. “All of them point to our first strategic goal: to ensure our programs are delivered efficiently, effectively and with integrity.”
The problem for several employees and unions representing workers is the change is being done to, instead of done with, employees.
Jeff Streiffer, the immediate past secretary treasurer and spokesperson for the American Federation of Government Employees Local 1106, said the motivation behind the policy change is unclear.
“We were involved in the consultation process for local and national AFGE as well as some of the other national labor unions representatives,” he said an interview. “When USDA rolled out its draft telework rewrite to the national AFGE about 2-to-4 weeks ago, we made comments on the idea of reducing the number of telework days to four per pay period or twice a week. We advised them it was too restrictive and not warranted. We received a response that they disagreed and that’s all the response really said. So when the final revision rolled out, it was more restrictive than four days.”
Streiffer said AFGE now is investigating whether USDA violated the National Consultation Rights statute under the Federal Labor Relations Authority.
“We didn’t have notice that they were going that far with the new policy. If their intent was two days then it was a bad faith bait-and-switch,” he said.
Streiffer said he couldn’t go in to any further details about possible legal action against USDA.
Stan Painter, chairman for AFGE national joint council of food inspection locals and a USDA employee for 32 years, said the new policy is a step backward.
“There was no communication. It was like this was it take it or leave it, and it came across as a dictatorial decision and just enough to leave telework in place,” he said. “There are managers that I deal with that telework all the time and they are more responsive when they telework than when they were in the office. When they were in the office it was from this time to another time. But when they telework I could get a hold of them more easily.”
Another USDA employee who works as a reasonable accommodation coordinator, said they had heard about a month ago of a rumored change.
“Since telework can be a reasonable accommodation employees request, I heard my business was about to boom,” the employee said. “Everyone who wants more than one day a week can get it if they can come up with any disability. It’s not that hard to be qualified as someone with disability. The American with Disabilities Act 2008 amendments made it easier to qualify if you have a have medical condition that substantially limits major life activity. But substantial has been gutted so if you have back or leg impairments, that counts. So many people have bad backs or bad knees and we need to take commutes in consideration when we look at reasonable accommodation, according to the Equal Employment Opportunity Commission.”
The employee added, whether or not someone needs reasonable accommodation, reducing the number of telework days to no more than one per week is a major disruption for a lot of people.
The decision to reduce the number of telework days leaves current and former USDA officials confused even further considering the agency has been a model for public and private sector companies.
Forbes named USDA to its top 500 places to work in 2015, in part because of its telework policy.
“When I was at USDA, we were dealing with 16 different organizations with 3,000 different physical office space locations across the country. Our goal was to tie telework to reductions in offices that were not utilized or less utilized. USDA was trying to think strategically how to tie telework to important objectives so it will be interesting to see how they accomplish this transition,” said Mika Cross, a federal workplace expert who helped shape USDA’s workplace policies under the former administration and is now at a different agency. “The push was to empower supervisors to make decisions about their team. They should be able to determine what works for their team based on the job and mission. We really worked hard across the government not to implement a one-size-fits-all approach for telework. The goal was to empower the supervisors and leaders to make decisions based on job suitability and performance, and employee suitability.”
Cross said the change in telework also will impact transit subsidies, office supplies and morale.
Additionally, USDA has saved millions of dollars over the past five years because of telework.
“In a time where the government is being asked to think and act more like a business, telework/remote and flexible work offers agencies a strategic, competitive edge on retaining and engaging top performers who we must be able to keep around in order to deliver the most important services to the American public whom we serve,” she said. “All the best private companies/organizations understand that workplace policies like telework are a win/win for both the organization and its employees.”
Streiffer said in his San Francisco office of USDA’s general counsel he’s worried that changing the telework policy could push good people out the door.
“We have highly trained and normally highly paid white-collar professionals like attorneys who trade a more lucrative private sector career to go in to public service because we believe we can have a better work-life balance,” he said. “When those are scaled back, then we lose the ability to attract and retain the type of people who can excel type of services to public.”
The Federal Employee Viewpoint Survey also proves out that telework is a win-win for both employees and management.
The Office of Personnel Management reported in its 2017 Telework Report to Congress that the 2016 FEVS data shows that employees felt teleworkers were held more accountable, had better engagement, retention and were encouraged to be innovative.
Others are concerned by cutting telework as a perk, its USDA and the administration’s way of reducing the workforce through attrition instead of buyouts or more harsh tactics like layoffs.
One federal official said USDA and other agencies who may want to use this tactic should be careful because many times the best people are the ones that end up leaving.
“There is a sense that change is happening to feds and not with feds. If you remember the American public and agencies were asked to give suggestions to reorganize the government, and no one ever heard back about those plans and their suggestions. Agencies never closed the feedback loop,” the official said. “With something like that you have a responsibility to close that loop. In any agency you have no idea what was put forth and what wasn’t unless you were working directly on the reorganization plans.”
AFGE’s Painter said USDA should’ve taken a more measured approach to this change.
“They should’ve run a pilot and done a study and talked about customer and workers’ satisfaction after completing a pilot,” AFGE’s Painter said. “Then they could’ve looked at what they needed to do. But that wasn’t the case. They just said this is it.”
The standing-room audience of government contractors and federal employees at the General Services Administration’s headquarters building on Jan. 9 were left with more questions than answers during the government’s first day-long listening sessions about how to implement Section 846 of the 2018 Defense Authorization bill—otherwise known as the Amazon amendment.
Congress tasked GSA and the Office of Management and Budget to set up a pilot e-commerce marketplace for commercial items using more than one portal over the next three years. GSA used this first meeting to begin Phase 1 of the effort to develop an implementation plan and come up with recommendations on what laws and policies need changing or updating to make this initiative come together.
As an ironic aside to this discussion that shows just how difficult this task will be, Sen. Rob Portman (R-Ohio) introduced legislation on Jan. 9 that would put a bit of a wrench in this effort.
The BuyAmerican.gov Act would require new guidance from OMB, the Commerce Department, the Federal Acquisition Regulations Council and others on how to make assessments on whether to waive the Buy American Act, and then GSA would develop a website to post publicly all waivers.
The Buy American Act, the Trade Agreements Act, the Berry Amendment, the Small Business Act and several others are up for discussion on what wouldn’t be required as part of these new e-commerce portals.
While the legislation is far from becoming law, the fact that Portman has bi-partisan support for the bill is a sign that some in Congress are paying attention to these acquisition laws and regulations, potentially making it more difficult for Congress to waive them for e-commerce initiative.
Let’s return to the listening session. GSA and OMB made it clear from the beginning, they were there to ask questions, listen to industry experts and gather information, and not to answer questions.
This left the audience with even more questions than answers.
As one of those members of the audience—kudos to GSA and OMB for opening up the event to the press—there were several questions and interesting items that emerged during the discussion.
The two executive representing programs under the Javits-Wagner-O’Day (JWOD) Act, such as Ability One and other procurement programs for people with disabilities, came out swinging the current laws and regulations as a reminder to OMB and GSA. Todd Tiahrt, a lobbyist for the National Association for the Employment of People who are Blind, repeated on several occasions that through “software algorithms” the portal could ensure they are meeting the laws and policies of the land.
“Buying online is an interesting concept, but should the government ignore current laws? I say purchasing can be convenient and comply with the laws,” Tiahrt, a former Republican congressman from Kansas. “What relief is necessary? The existing commercial systems are not subject to the FAR or JWOD or trade agreements, but the statutes should not be waived. Taxpayer dollars come with rules and accountability that is demanded by the public.”
He also talked quite a bit about online portals delivering “marijuana cookies and wine to our soldiers,” but the ridiculousness of that argument is a discussion for another time.
But Tiahrt seemed to miss the point of the discussion. Congress wants GSA and OMB to make recommendations on acquisition laws or policies need to be updated, changed or waived in order to make buying of commercial products better, faster and cheaper.
So making the argument that the statues are “the laws of the land and need to be followed” came off as out of touch and a bit misguided, given what Phase 1 of the initiative is about.
Kevin Lynch, president and CEO of National Industries for the Blind (NIB), took a more pragmatic approach to the discussion.
“There are reasons why these laws exist, for good policy reasons. When GSA closed its depots, they didn’t get rid of policies,” he said. “We updated our products by making our delivery models more efficient. We modified our processes and systems to deliver more effective services.”
Lynch said there is existing technology to help marketplace vendors comply with the Ability One mandate, and GSA is showing how it could work through its GSA Advantage portal.
“GSA also uses a remediation tool that is very effective to increase program compliance,” he said. “We’ve learned through past experiences of implementing new purchasing systems that it requires new training and education throughout the entire sector of users.”
Still, too often, Lynch went back to the reason why the policies and laws are in place as a reason why change should be measured and tightly controlled.
Tiahrt and Lynch need to offer more concrete reasons to keep the JWOD mandates in place beyond the “it’s the law” argument. As we’ve seen time and again with small business socioeconomic programs and others, that line of reasoning hardly ever works.
Several panelists pushed GSA and OMB to determine and make public the goal of this entire effort. Raj Sharma, CEO and Co-Founder of Censeo Consulting and founder of the Public Spend Forum, said the lack of clarity in the legislation means GSA and OMB must come up with the goals of the program.
“What does competition mean or pricing mean? Is it by the unit or total spend or what? We need to be clear about the problem statement and the outcomes we hope to achieve and that will drive the overall strategy and processes you must cover and compliance requirements that need to be addressed,” he said. “We need to be clear about what we mean about e-commerce portals too. Do we mean e-procurement or e-auction or e-markets? In some ways, the government has adopted ecommerce through things like GSA Advantage or reverse auction sites.”
He added the private sector has defined these concepts very differently. Sharma said with e-marketplaces, vendors can easily ramp on and ramp off, while e-procurement sites include more flexibilities to manage the needs of users.
These definitions are important as the commercial marketplaces come with a wide assortment of challenges.
Jean Edwards, director of business development and program capture at Dell-EMC federal sales, said some commercial online marketplaces use a “pay-to-play” model to push certain companies to the top of searches.
“This should not be a condition for the federal government,” she said. “By allowing this structure to prevail would have two effects. It would limit the range of products, services and prices especially around small businesses because it favors large businesses who are able to support the pay-to-play toll. Second, existing online marketplaces that provide IT require IT solutions that utilize only the marketplace portals around cloud solutions so when cloud is part of IT solution, it excludes other providers. That limits competition for price and access. Vendor must be able to define products and services they choose to make available through the portal.”
House lawmakers make it clear that their goal is to get more competition through the marketplace to lower costs.
Alan Chvotkin, the senior vice president and general counsel for the Professional Services Council, an industry association, said if competition is the overarching goal, then multiple portals need to be part of the effort.
“Then the question of what is competition within the portal. As a portal provider, if only one vendor product is available depending on whether your business model is that of an aggregator or not. I think it’s important to think about the definition in that context and make it clear that competition would be around and among the portals,” he said.
Roger Waldron, president of the Coalition for Government Procurement, another industry association, put a finer point on the need for defining the program’s goals particularly around competition.
“Is it a shopping mall? Or is it more interactive where government is seeking a quote based on dollar size of order? That’s the rub,” he said. “Some portal providers you may be going directly to them to buy something, depending on the nature of the contract. If portal providers want to hand-off to a third party to make the sale, then the question is whether sellers compete in some manner or form? I don’t know many commercial platforms that do the back and forth for sellers. I think you can do that on FedBid and GSA E-Buy, but that’s not within the context of this portal discussion.”
This is why Sharma’s recommendation to define the goals of the effort at the beginning is so important.
Dedicated career federal employees have held all of the government management positions at the Office of Management and Budget (OMB) for more than a year. Some like Lesley Field, the acting Office of Federal Procurement Policy (OFPP) administrator, have been in this temporary position many times over the last decade so she knows the drill and does a good job.
The good news is there is some light beginning to break through. The Senate Homeland Security and Governmental Affairs Committee approved the nomination of Margaret Weichert to be the deputy director of management at OMB on Jan. 8 by voice vote. Now the full Senate must confirm Weichert to end more than a year without a DDM.
Once Weichert is in place, observers expect the White House to fill out positions fairly quickly.
One name that has emerged as a leading candidate for the OFPP administrator is Moshe Schwartz, an analyst focusing on the Defense Department for the Congressional Research Service (CRS). Sources say the White House is vetting Schwartz, who most recently was part of the professional staff of the Section 809 panel, which is developing recommendations on changes to DoD acquisition policies and regulations.
Schwartz would be an interesting pick for OFPP administrator. According to his LinkedIn profile, Schwartz has never worked in acquisition and only studied it at the CRS and the Government Accountability Office. He’s worked at CRS since 2008, and at GAO before that starting in 2004.
This doesn’t mean he wouldn’t be a good OFPP administrator. One of the best OFPP administrators in the last 15 years was Dan Gordon, who spent his career at GAO before moving to OMB.
If Schwartz is indeed nominated and confirmed by the Senate, how will he bring that extensive knowledge of the military and its acquisition processes to the entire government. While the Federal Acquisition Regulations are the ceiling above every agency, the assortment of rooms for DoD are much broader than anywhere else in government and that could mean a steeper learning curve for him.
The good news is Schwartz will have one of the best staffs in government working at OFPP, and who are used to bringing much less qualified leaders up to speed.
Schwartz has a law degree from Yeshiva University in New York, New York, and a Master’s in public policy from Carnegie Mellon University in Pittsburgh, Pennsylvania.
While it’s unclear if Schwartz will be nominated, there are several other changes in the federal IT community that are happening.
The Homeland Security Department is losing two technology experts.
Jeanne Etzel, who most recently has been senior advisor to the DHS chief information officer and worked in several other roles since 2013, announced her retirement effective Jan. 31. Sources say her last day in the office was Jan. 10.
Etzel, source say, is planning on a real retirement, meaning she is highly unlikely to find her way back to the government as a consultant or by working for a contractor.
Rumors that Etzel was going to retire started back in the fall, but with the turnover in the DHS CIO’s office she stayed on to be acting CIO in the spring and acting deputy CIO in the fall during the transitions.
During her career, Etzel served as FEMA’s CIO and worked in several executive-level positions in private industry, including as CIO and vice president at Capgemini U.S. and as a senior manager at PriceWaterhouseCoopers.
Along with Etzel, DHS is losing its chief technology officer. Mike Hermus announced to senior staff last week his last day in the office will be March 2.
Hermus came to DHS in 2015 after spending his career in the private sector. He previously served as chief product and technology officer at House Party Inc., a social marketing platform, as well as CTO at FirstCarbon Solutions, Enverity Corp. and Market XT.
Sources say Hermus, who has been commuting to Washington, D.C. from Connecticut, decided the travel finally was too much and wanted to honestly spend more time with his family.
Hermus’s departure will leave DHS down two senior leaders in the CTO’s office. Rob Palmer, the deputy CTO, left in October.
Sources say one of the reasons why Hermus is sticking around for another six weeks is to help DHS develop a job posting for the position and help with the transition.
Fedscoop first reported Hermus’s decision to leave.
During his tenure as CTO, Hermus grew and developed the CTO’s office. It now has more than 100 staff members that are helping DHS adopt modern IT practices around oversight and delivery.
And speaking of CTOs, the Transportation Department posted for a new one on USAJobs.gov.
“[T]he chief technology officer (CTO) provides technical advice and support to the Department of Transportation’s chief information officer (CIO) on technology innovation. The CTO advances the achievement of the agency’s mission by assisting senior management in recognizing where technology can add value while transforming or supporting program priorities,” the posting states. “The CTO leads the department in a visionary, collaborative and customer-focused manner to leverage technology resources in order to improve business processes, accomplish strategic DoT missions, goals, and program objectives and reduce costs. The CTO initiates and advocates departmentwide system enhancements and changes and promotes the use of information technology and innovative technology solutions to improve the operations, productivity, efficiency, effectiveness and service delivery of the department.”
Applications for the position are due by Jan. 18.
Additionally, Tracee Boxley, the Government Publishing Office CIO, seems to have left the agency. It’s unclear if she retired or took another job in government.
GPO posted the CIO’s position on USAJobs.gov and listed Layton Clay as the acting CIO.
Boxley had been CIO only since October after serving in an acting capacity starting in November of 2015.
Clay has been with GPO since 2004 and has led the Application Management and Development Division since 2015.
Job applications are due Jan. 26.
The White House is considering adding one more piece to its IT modernization strategy. The Trump administration is floating a draft executive order focused on, once again, defining the roles and authorities of agency chief information officers.
Federal News Radio has obtained a copy of the draft EO from December, which sources say has been circulated for comment across the federal CIO community.
“Despite multiple legislative mandates, agency chief information officers do not have adequate visibility into, or control over, their agencies’ IT spending, resulting in duplication, waste, and poor service delivery. Enhancing the responsibilities and accountability of agency chief information officers will better position agencies to modernize their IT systems, save taxpayer dollars, reduce cybersecurity risks, and better serve the American people,” the draft EO states.
The EO would cover every CFO Act agency except for the Defense Department.
Why this White House continues to exempt DoD from its IT modernization strategy mandates remains a mystery and is perplexing. The administration did the same thing with the Centers of Excellence initiative.
Yes, DoD is the 800-pound gorilla when it comes to federal IT and has a budget that dwarfs every other department, but it doesn’t mean the Pentagon couldn’t use some outside and independent advice and direction.
Even Congress recognized the need for DoD to add more weight to its CIO. In the 2018 Defense Authorization bill, Congress approved and President Donald Trump signed into law a provision that would make the CIO position presidentially-appointed and Senate-confirmed.
But the decision not to include DoD is a discussion for another time and notebook.
The draft EO didn’t impress any of the former federal IT officials, all of whom spoke on the condition of anonymity in order to talk about a pre-decisional document, who have seen the document, with most saying there is little new or different in the White House’s plans than they’ve seen over the past 15 years.
“As an EO, it signals the administration’s intent to watch this area more closely than before, which is good,” said one former federal IT executive. “It will also help OMB and oversight committees focus more on this area.”
Another former CIO said the EO should cover more than just the CFO Act agencies, but those that run high-valued systems and data, such as the Securities and Exchange Commission or the Federal Communications Commission.
“There is interpretation done at those agencies and they ‘pick’ what is useful and what is not,” said one former CIO. “Clinger-Cohen applies but FITARA [Federal IT Acquisition Reform Act] doesn’t. And the oversight will only come from GAO/IG and NOT OMB because they are NOT a covered agency.”
Overall, the Trump administration is paving over well-known ground and long-standing challenges that previous laws and policies have come up short trying to solve.
The draft EO’s goal is to improve “the management and oversight of federal IT by designating the chief information officer of each covered agency as the primary point of responsibility and accountability for management of IT resources within that agency. The agency chief information officer should be the key strategic advisor to the agency head concerning the use of IT to accomplish the agency’s mission, reduce cybersecurity risks, and improve efficiency,” the draft EO states. “Consistent with statute, the agency chief information officer should play a central role in all annual and multi-year planning, programming, budgeting, acquisition, and oversight processes related to IT. As such, the agency chief information officer should establish an enterprisewide technology roadmap and govern its execution. This requires the latitude to operate across agency component organizations and to drive the enterprisewide consolidation and modernization of the agency’s IT portfolio.”
One former federal IT executive said while putting the CIO in charge of cyber risk is consistent with Federal Information Security Management Act, it is inconsistent with industry trends and best practices.
Emails to the Office of Management and Budget asking for comment on the draft EO were not returned.
The biggest change the EO is proposing is around hiring authorities for IT staff.
“Within 60 days of the date of this order, the head of the Office of Personnel Management shall grant to each covered agency direct hiring authority for IT employees that meet the qualification standards for positions the agency CIO deems critical, enabling the CIO of each covered agency to hire, in an expedited manner, qualified individuals for a period not to exceed four years,” the draft EO states. “An agency may, at any given time, use this authority for not more than 25 percent of its IT workforce. Employees hired using this authority may not be transferred to positions primarily performing non-IT functions.”
OPM gave agencies in November new hiring authorities for positions such as cloud architecture; solutions architecture; and cloud migration from legacy hardware platforms to the cloud. Additionally, the CIO Council held a hiring fair in November to help address the shortage of qualified IT workers.
But this provision in the EO would expand those efforts both in terms of the types of workers and the length of time to use the authorities.
Several former executives say the administration should enforce the existing laws under the Federal IT Acquisition Reform Act (FITARA) and the Clinger-Cohen Act instead developing new policies.
“The EO fails to address the true problem plaguing CIO authorities, which is how money is appropriated in the first place,” said one of the former IT executives. “If IT dollars are appropriated directly to program accounts and bypass the CIO, then the CIO will remain nothing but a bystander during strategic agency decisions.”
And this brings back the fact that OMB and Congress have tried many times over the last 15 years to consolidate, boost and amplify CIO authorities, yet the systemic problems continue.
For instance, in 1996 the Clinger-Cohen Act codified the role of the CIO and the 2002 E-Government Act further clarified those requirements.
In August 2011, OMB further addressed CIO authorities, focusing on commodity IT purchasing.
President Barack Obama signed FITARA into law as part of the 2015 NDAA, and former Federal CIO Tony Scott issued implementation guidance in June 2015.
Despite these efforts, agency progress with FITARA, particularly with CIO authorities, has been inconsistent. In the latest FITARA scorecard, three agencies, including DoD, received a “F” grade on the CIO authorities section, and 12 CIOs still do not report to the secretary or deputy secretary of their agency.
The draft EO attempts to address many of those FITARA scorecard shortfalls, including requiring the “chief information officer of the covered agency [to report] directly to the agency head or the principal deputy of the agency head.”
The first former IT executive said they would’ve liked to have seen stronger language around CIO budget authority and the elimination of the “principal deputy” language in the reporting relationship.
“That preserves some historically awful relationships in places like DoT,” said the executive. “Also it seems like a missed opportunity to say what things the CIO is responsible for. For example, is the CIO responsible for cybersecurity. What about the CISO role within the agency? Is the CIO responsible for data within the agency? What about the chief data officer?”
Additionally, the draft EO would require the department’s CIO to approve any and all bureau or subcomponent level CIO appointment.
The final two sections of the draft EO focus on IT governance and risk management.
First, the proposed order would require the component or agency CIO to have their performance plans aligned with the enterprisewide technology roadmap and be accountable to the CIO for executing on the strategy.
“[T]he head of each covered agency shall ensure that the chief information officer of the covered agency shall, at minimum, fulfill the role of voting member, and, where appropriate, chair, of any IT investment board of the agency, or any board responsible for setting agencywide IT standards,” the draft document states.
It’s unclear if the White House eventually will finalize the EO, and based on what the current draft, it’s unclear how much it even will help.
Reps. Will Hurd (R-Texas) and Gerry Connolly (D-Va.) may have the best approach of hauling non-IT executives before the Oversight and Government Reform Committee and asking them to explain their agency’s approach to IT management.
The battle for the next great IT services governmentwide acquisition contract took a bit of an unusual turn in early December when Obxtek Inc. filed a protest of the Alliant 2 awards in the Court of Federal Claims.
While Obxtek’s grounds for protest are unclear — the vendor asked the court to keep most of the specifics about the record under protective seal — we do know that the company was unhappy with the General Services Administration’s decision not to evaluate the price or technical proposals of those companies that didn’t make the initial self-scored cut.
“In accordance with the terms of the solicitation, GSA fully evaluated only those proposals with the highest final scores. GSA awarded contracts to 61 offerors on Nov. 17, 2017. There were 109 unsuccessful offerors,” Obxtek’s lawyers wrote in court documents. “In addition to the 61 offerors awarded a contract, GSA conducted a full technical evaluation, but not a full price evaluation, of the proposals of 10 unsuccessful offerors. GSA did not conduct a full technical evaluation or a full price evaluation of 99 unsuccessful offers.”
At the same time, another protestor, the Centech Group, also moved its protest from the Government Accountability Office to the Court of Federal Claims as GAO decided its case was similar to Obxtek’s.
GSA awarded 61 companies a spot on the $50 billion Alliant 2 GWAC on Nov. 17. Less than 10 days later, five companies filed bid protests with GAO putting the contract on hold for at most 100 days. Through Obxtek’s filling, we also learned another vendor has filed an agency-level protest of the award bringing the total of complaints against the Alliant 2 awards to eight.
The decision by these two companies to file with the Court of Federal Claims could delay the decision further as the court doesn’t have the same 100 day limit as GAO.
A GSA spokeswoman declined to comment on pending litigation, but did confirm the stay of the contract remains in place.
The reasons for going to the Court of Federal Claims vary according to federal procurement attorneys, and the court doesn’t necessarily guarantee a better outcome for protestors.
Barbara Kinosky, managing partner of Centre Law and Consulting LLC, said many times vendors file with the CFC because they missed the GAO’s deadline of 10 days after “the basis for the protest is known or should have been known, whichever is earlier.” And at the same time, some believe the CFC offers a different type of impartiality.
“As to fairness and benefits of choosing one over the other; many perceive the court as more willing to dive more into the merits of the claim and discovery procedures could give vendors more information to support their claims,” Kinosky said in an email to Federal News Radio. “The opportunity to depose the contracting officer has many protestors rubbing their hands with glee.”
David Yang, a partner with Blank Rome LLP, said the court forces the agency defendant to produce more details about their decision.
“The biggest pro at the court is that protesters get the full record as a matter of right, whereas at GAO, many agencies will only produce those portions of the record that relate to the allegations in the protest,” Yang said in an email to Federal News Radio. “The piecemeal approach at GAO handicaps protesters from reviewing the full record and constrains their ability to make full arguments or to raise supplemental arguments — which is why agencies use this tactic. The automatic production of the full record at the court bypasses this waste and allows the parties to focus on the merits instead of fighting over document productions.”
Neither Yang nor Kinosky said vendors are more likely to win in the Court of Federal Claims versus GAO.
While Kinosky said companies have a higher win rate at GAO, both venues do not notably differ in their interpretations of procurement law.
Yang added vendors must climb the same large hill before both GAO and CFC as long as the agency’s award decision is reasonable and supported by the record.
“There is not a clear substantive difference in standards between the two forums. However, in closer cases, our experience has been that the court may more likely side with the protester whereas GAO is more likely to defer to the agency,” he said. “As for fairness, both forums do their best, but GAO is significantly more taxed in case load than the court, so GAO perhaps has less time to dig into the record or consider arguments as fully as the court. This doesn’t mean that GAO takes short cuts but GAO’s reasoning/analysis isn’t always as sharp as the court, as demonstrated by the level of detail of the decisions issued by GAO and those issued by the court.”
The one central issue to all of this is GAO already sided with GSA on four pre-award protests around the use of the self-scoring system where price evaluation is a minor factor.
In January 2017, GAO ruled there was nothing improper about agency’s use price as a nominal evaluation factor. The agency also said the use of “point scores” as an evaluation system also was appropriate.
“As explained by the agency, this procurement does not involve a tradeoff and the agency’s price evaluation will consist of determining the fairness and reasonableness of multiple aspects of the highest rated offerors’ proposed rates,” GAO stated in January 2017.
So in the end what does this all mean? First off, GSA will not open the Alliant 2 contract for business until mid-2018, which is just fine as the current Alliant contract expires in 2019.
Second and depending how the initial rounds of discovery goes, it wouldn’t be surprising for GSA to reopen the evaluation process and let most or all bidders on the contract. GSA Administrator Emily Murphy said many times one of her goals is to ensure competition at the task order level rather than the contract award level. So giving all 109 or a larger number than 61 vendors a license to hunt under Alliant 2 isn’t necessarily out of the question.
Finally, because of GAO’s previous ruling, these protests could be dismissed fairly quickly as the evaluation system and the decision by GSA not to use price as a major evaluation factor could quickly put these protests to rest.
The Reporter’s Notebook turns 5-years old this month. With more than 9,800 dedicated subscribers and thousands of other readers, I want to use this first notebook of 2018 to thank everyone for their support and words of encouragement over the years.
The Reporter’s Notebook started five years ago as a way to flush out and highlight news and information that was “getting lost in the shuffle,” or in my case buried in my 8×11 pads of paper— now in my laptop.
It has since morphed, first and foremost into much-needed analysis of federal IT and acquisition news. It’s also the place to go to find the “people on the move” in the federal community. One thing I’ve come to understand in almost 20 years of covering this community, people like people news. And finally, it has developed into an outlet to address some of the biggest and ongoing frustrations and challenges in the federal market — have I mentioned by soapbox of the lack of transparency in the General Services Administration’s schedule and other multiple award contract programs lately?
As I’ve said from the beginning, this is not a column nor commentary — it’s news tidbits, strongly sourced buzz and other items of interest that have happened or are happening in the federal IT and acquisition communities.
As always, I encourage you to submit ideas, suggestions, and, of course, news to me at firstname.lastname@example.org.
Here are the top Reporter’s Notebook stories for 2017:
So there’s your top 10 Reporter’s Notebook stories for 2017. Over the next 12 months, we will continue to analyze and help you better understand the trials and tribulations of the federal IT and acquisition communities. Stay tuned, it will be a fun ride.
Call last week “the week of IT modernization.” First, the Modernizing Government Technology Act became law. Then, the White House released the final version of the IT Modernization Strategy.
Finally, on Thursday, the White House’s Office of American Innovation rolled out its Centers of Excellence (CoE) initiative with the Agriculture Department being the test case.
In all, as one federal employee tweeted, it was a good week to be a federal IT nerd.
During the first year of the Trump administration, the federal IT community waited for direction. Still, without a federal chief information officer, the well-intentioned lieutenants moved the government forward, sticking to a similar path they had been on for the last eight years.
But now with the IT Modernization Strategy and more details about the Centers of Excellence, there is specific direction coming to agency CIOs and the federal contractor community.
“I see the strategy maturing. I think it’s good work and there was a lot of good feedback that was taken into account,” said Tony Scott, the former federal CIO and now a senior data privacy and cybersecurity adviser for Squire Patton Boggs. “I think the issue is how do we get going and operationalize it all now.”
As it goes in most organizations, the planning is the easy part and the implementation will be tough. But this is one of those times when all stars seemed aligned to make the details less devilish.
“A lot of things are coming together. It’s not just about migrating to cloud. It’s not just about cyber. It’s not just about modernization. It’s not just about shared services. I think this requires a comprehensive approach in the way you go after things,” said PV Puvvada, Unisys federal president and the newly elected chairman of the board of directors for the Professional Services Council. “What is very good about the current environment is you have the regulatory side, you have the agency side as well as the congressional side all behind a broader theme of, ‘you need to look at modernization from a bigger picture.'”
Let’s start with the MGT Act as the first piece to the puzzle.
Rob Klopp, the former Social Security Administration CIO, said even though the most important part of the law hasn’t been allocated yet — the central fund, a $228 million request the White House remains optimistic Congress will come through with — agencies can take advantage of the working capital funds.
Experts say saving money to put into the working capital fund is not a realistic approach, but there is plenty of money to deposit into that bank account, if you know where to find it.
“At SSA, we had an innovative program where at the end of the year, if there were funds that were not spent, which there always were — and it’s a normal outcome of the planning process and not bad planning because you have to budget for worst-case scenarios, and things don’t always come in at that worst case, so there is money leftover or things naturally get pushed off. It’s normal to have money left over — we took all of that extra money and used it to fund a year’s worth of IT consulting or other technology needs,” Klopp said. “We then reduced the amount of money allocated to IT because we knew at the end of the year, we would forward the leftover to that fund.”
Karen Evans, the former e-government administrator under the George W. Bush administration and a former Energy Department CIO, said the MGT Act may actually benefit from the continuing resolutions that agencies almost always are funded under.
Evans said because new initiatives usually can’t be started under a CR, when the agency finally gets its funding, they don’t have to rush to spend it all and attempt to spend it smartly in a shortened, say six month, time frame. Instead, she said agencies could spend what they need and then reprogram the rest into the working capital fund.
“If the CIO is tracking their IT funds like they should be, then they should be able to find it. They have to justify and declare it under the MGT Act, but that’s good for transparency to Congress, and if they get approval, then technically it can’t get scooped up by OMB during the year-end review of spending,” said Evans, who now is the national director of the U.S. Cyber Challenge and a partner at the management consulting service KE&T Partners.
OMB has been working on guidance and running test cases through the review board that the MGT Act requires the General Services Administration to stand up.
“We’ve conditioned the whole organization to live in a world where there are CRs and partial-year budgets, so the natural behavior in response to that is to over-budget. I think, in addition, you will have some projects you thought you would do that, in the end, you decide not to do or do in a different way, and as we shift from doing a lot of siloed projects to shared services, that is another opportunity where it might have cost 10x to do something, but we might find that we are thinking about how we do that project in a different way and it could be done for 5x. So there are multiple sources of funding for the working capital funds.”
Kevin Cummins, the vice president of technology for the Professional Services Council and a former senior legislative assistant for Sen. Tom Udall (D-N.M.), who helped draft the MGT Act, said the approval from Congress will be important because lawmakers are inherently skeptical to give agencies more authorities.
So if there is a path for agencies to get money to modernize their legacy systems, the IT Modernization Strategy gives CIOs a starting place.
Klopp, who now is CEO of the Klopp Technology Group, and is working to lead the digital transformation effort in California’s Medicare and Medicaid system, said the strategy is powerful in a lot of dimensions.
“There is a lot of emphasis on network and securing the perimeter, and that is critically important. However, the bigger and better agencies that get good report cards on their cyber posture get those better reports because they have already secured their perimeter. So the directives around the network are important for lots of agencies who are behind and less important for those who were ahead,” Klopp said. “The push toward the cloud is critically important. The one thing that the strategy doesn’t address is the systems that need to be modernized are systems that run on legacy hardware platforms and those systems are not capable of being deployed in the cloud. So all of the discussion around driving agencies to move apps to the cloud is important and agencies need to be doing that.”
He added the strategy is silent on business process change and that’s the one area where agencies need the most help.
Scott said the strategy’s decision to call out the use of application programming languages (APIs), scalable cloud services and shared services will address some of these business process modernization needs.
“The piece that we struggled with is the Trusted Internet Connections (TIC) initiative. That is a model that has to mature and get solved,” Scott said. “It’s an old construct that is applied to modern-day cloud that doesn’t work. It causes performance, cost and latency issues, so the call to double down and sort that out is important. There has been a lot of good work that has happened, but the definitive solution has not been figured out yet.”
The one overarching issue that experts say was missing from the IT Modernization Strategy was around the workforce.
Unisys’ Puvvada said his company sees the need for better program and project management on the government side.
Klopp said at SSA, federal employees or contractors with modern software development skills are in short supply.
“It requires a modern thinking in how you do agile, how you get releases out fast and fail fast,” Puvvada said. “You have to have this idea of you can integrate everything and manage the scope in such as a way that you don’t have to get all your requirements done up front.”
Klopp said, for this reason, he pushed SSA to move to the cloud first and then modernize second, because once in the cloud, the agency can then take advantage of these agile or dev/ops methodologies.
It’s that workforce challenge where the Centers of Excellence become the third leg of the IT modernization stool.
The White House’s Office of American Innovation, OMB and GSA are setting up CoEs made up of federal employees, industry experts and research organizations, such as federally-funded research and development centers, to bring the necessary cloud, customer design and analytics skills to these modernization efforts.
PSC’s Cummins said the decision to start with the Agriculture Department and test out these concepts makes a lot of sense.
“There is an emphasis on customer service user interface and that’s important,” he said. “USDA is an interesting testbed because they have a lot of different programs they run that interfaces with citizens.”
Scott hit many of the same notes as Cummings about the CoEs. He said it starts to encourage cross-agency thinking and sharing of APIs and best practices.
Klopp said the CoEs are addressing many of the same challenges he faced at SSA.
But the one missing piece is what happens between the cloud user experience and design.
“The core of what a modern software product looks like is those who are writing the code that solve for the business problem,” Klopp said. “I’m not exactly sure how to characterize that middle chunk, maybe it’s a CoE of modern development architecture and tools. It would be a great addition. Agencies need people to write code that is optimized to run in the cloud. There is a lot of anecdotal evidence of CIOs who move to the cloud and they are not seeing savings and the reason is they didn’t have software that was optimized for the cloud. It takes a different approach in thinking that would be well served.”
Overall, industry, government and former federal experts say the administration and Congress have put the pieces in place to push the IT modernization effort forward.
“It’s all about execution now. We’ve had plans and tools and a lot of excuses for non-performance before and they have been removed,” Evans said. “It’s the people and culture challenge that has to be overcome. Now CIOs have the right tools and if they have the right skill sets to execute, this will be successful.”
As the Trump administration’s plan to modernize federal IT came together last week, it received broad support from industry and government experts alike.
Yes, the central fund that comes under the Modernizing Government Technology Act still is not funded. White House officials, though, still hold out hope that the Senate will add funding into the finalized fiscal 2018 spending bill.
And yes, the IT Modernization Strategy includes more than four dozen assorted deadlines over the next 30-to-240 days, many of which are unlikely to be met because that’s just how government works many times, but all are achievable and important.
It’s this last piece of the IT modernization puzzle, the newly introduced Centers of Excellence (CoEs), where the Trump administration begins to lose its way.
Federal observers are supportive of the concept of bringing federal, industry and research experts together to provide agencies with key skills to address cloud, customer experience, user design and analytics.
Why does the administration see the need to create the CoEs in the first place?
To at least this observer, it seems that the White House and the Office of Management and Budget are taking the easy way out by creating another organization instead of changing the focus of existing ones to do this not-so-sexy “plumbing” work.
As Office of American Innovation officials introduced the CoEs on Dec. 14 at the White House, the words they used, the description of what these experts will do — cloud, customer service, user-centered design, analytics, modern technologies — harkens back to what the previous administration said about the U.S. Digital Service and the 18F organization at the General Services Administration.
Back in March 2014, when GSA launched 18F, it said the organization, made up of Presidential Innovation Fellows, favored agile development based on customer feedback and analytics.
“First and foremost, by being focused on our users, we provide effective user-centered services focused on the interaction between government and the public it serves. At 18F, we want to build the 21st-century government you deserve,” GSA wrote in a Tumblr blog for 18F at the time. “Agencies should see 18F as a new way to procure, build and deliver innovative technology, digital services, and public-facing applications. We operate using three models: for you, with you, or by you. We can build your solution for you; work with your team and provide additional expertise or core capacity; or consult on how to build or buy user-centric interfaces most effectively. 18F’s team of experts is here to help. After all, we all share the same goal of delivering incredible, easy-to-use digital services for the people and businesses we serve.”
Chris Liddell, an assistant to the president and the White House’s director of strategic initiatives, said the CoEs can help accelerate the rate of progress by creating a central pool of resources to drive change.
“We want to leverage private-sector innovation,” he said. “If we staff it up, get great people, have them well organized, we can make a huge amount of change in a relatively short period of time.”
So the question then becomes: Why didn’t the administration shift the priorities of USDS and 18F to work on these infrastructure projects, instead of the high-profile programs USDS and 18F gravitated toward?
Was creating the CoEs easier than changing these two organizations, which have had a reputation for not being interested in basic blocking and tackling of federal IT modernization?
Joanne Collins Smee, the acting director of the Technology Transformation Service, who is leading the CoEs initiative, said the CoEs will merge with TTS, and that will give them opportunities to do the “sexy” projects, as well as the ones to address the “plumbing.”
“We had been focused on the fancy stuff and not enough on the plumbing, so we will do both,” Collins said. “But this focus on large-scale transformation is a new lens for the work we will be doing in TTS. We have brilliant men and women there. It may sound like another group, but we are merging two of the groups, and USDS is a very specialized skill, and I do work closely with [them].”
Smee added that the CoEs will charge fees for their services, similar to what 18F does today. She said agencies will have to pay for their IT modernization efforts out of their own funding, and then pay more for the CoEs’ expertise.
Karen Evans, the former e-government administrator under the George W. Bush administration and a former Energy Department CIO, said merging the CoEs and 18F could make a lot of sense.
“CoEs are the next evolution of USDS and 18F, and if it runs right and it’s managed right, you could further break those old molds,” Evans said. “You can get rid of old contracts and show return on investment, which is a big part of changing the culture of agencies. What you would do is have a short focus on what really should the architecture be, and then what you do when you procure and set up services over the long run. Once you figure out the architecture, then you put out the procurement and bring in the contractor, and these experts can make sure they do it right.”
Another sign could be the shakeup that happened last week within TTS, where Smee replaced Rob Cook as TTS director, and GSA moved Crystal Philcox, who had been assistant commissioner for operations in TTS since January, into a new position in the Federal Acquisition Service.
GSA confirmed that Cook is leaving government on Dec. 18.
“Rob has been a strong partner to work with as we merged FAS and TTS and I’m thankful for his service and leadership,” said FAS Commissioner Alan Thomas in a statement. “FAS is very proud of the work TTS has accomplished and we are committed to continuing to support the Administration’s focus on innovation and modernization in government.”
Sources say there was some sort of disagreement at a meeting with Cook and Thomas over the future of TTS that may have precipitated this personnel change.
Others say the CoEs are very different than USDS and 18F, and that’s a good thing, because there is plenty of work to go around.
Rob Klopp, the former Social Security Administration CIO, used a military analogy to compare USDS and 18F with the CoEs.
“USDS and 18F are like dropping a special forces team on top of a problem, or on top of a brand new app. They can change the tide of the battle, and then you would pull the team out to go do something else,” he said. “Their job was nothing to do with transforming culture, but not go in and work with agencies to change the way they approach IT. What you need now is an occupation force, which will go in and transform the agency. You can’t ask USDS and 18F to do a job they aren’t necessarily trained for.”
Tony Scott, the former federal CIO, expanded on Klopp’s analogy, saying USDS and 18F weren’t hired to transform agencies, but take care of big problems.
“If everyone in the organization believes they are part of the mission to transform and modernize, then folks can be catalysts and you have a great chance of success. If you just rely on the cool kids to make that happen and not engage the rest of organization who have skin in the game, then it will be much more difficult,” Scott said. “It’s a great goal to fix the underlying stuff, not just the front end. That is why you need collaboration across those spaces. You have to understand how the old stuff works, where the data is, the quality of the data and you need that coupled with people who have skills with more modern technology and they need to be working together as an integrated team to fix these big problems. It requires a big movement where everyone is aligned around the goal.”
USDS and 18F have matured over the last 18 months. In a recent interview, Eddie Hartwig, acting deputy administrator of USDS, told me his organization has moved away from just addressing projects in trouble, to helping agencies make sure their projects never get in trouble in the first place.
GSA’s 18F also has seen a lot of turnover in personnel and other changes in 2017 that may have been precursors to the possible merger with the CoEs.
What, if any, changes are coming for USDS and 18F will be worth watching over the next year, as the CoEs get going. But as of now, and on the surface, they sure look like duplicative efforts that this administration says it wants to stop having across the government. Let’s see how they live up to that goal.
For much of the past dozen years, federal identity management mostly focused on the Common Access Card at the Defense Department and its sister Personnel Identity Verification (PIV) in the civilian agencies for federal employees.
The calls to improve and modernize PIV cards and CAC have been rising over the last few years, especially as the technology sector for identity management continues to evolve.
While the Office of Management and Budget is expected to update and consolidate many of the policies governing how agencies address identity management, the technology side has been slow to transform.
Paul Grassi, a senior standards and technology adviser at the National Institute of Standards and Technology (NIST), confirmed a long-held rumor of OMB’s plans.
He said a 2004 memo for e-authentication will be rescinded in the coming weeks.
“Hopefully we will see in the identity realm something in the January time frame what the future direction is,” Grassi said. “The IT Modernization Strategy tasks OMB 45 days after to release an identity management policy. That’s coming. It will be out for public comment.”
Beyond the expected policy changes, DoD is on the cusp of some biometric breakthroughs that could give the federal identity management sector some considerations about the next generation of physical and logical access control.
Will Graves, the deputy product manager and chief engineer for biometrics enabling capability in DoD, said the Pentagon is planning several tests in Iraq or Afghanistan over the next year of face, DNA and other biometric modals.
“What we have been seeing lately is these new joint emerging requirements,” Graves said during an AFCEA Bethesda breakfast panel on Dec. 13. “When we talk about voice, we actually are going to deploy voice to the theater next year. We have a project that has rapid DNA. We are working with the University of Virginia to create a rapid DNA device that’s actually built on a CD. It’s a 10-pound device. It’s not packable in a ruck yet. But it’s going to be very cheap. The device is going to be less than $10,000. The current device right now is about $225,000. We are going to deploy that in the Central Command region next year.”
Graves said these tests are part of how DoD is shifting the use of biometrics from just law enforcement to identity and access management.
He said the Mark Center in Alexandria, Virginia is a perfect example of how DoD is using the modalities differently.
“There is an iris and fingerprint access. You can swipe your badge and say you want to use your iris or fingerprint and you can get into the Mark Center that way,” he said. “We are looking at contactless fingerprint and on-the-move face and iris, and we are going to deploy two systems in Kuwait right now and they are on the way to Iraq. They are in a 40-foot conex, so you walk through, swipe both hands and keep on walking and it does facial and iris recognition on the move as you walk through that conex.”
This is just the beginning, too. Graves said his research arm is developing video analytics for facial recognition from social media and from the dark web.
“If you are an ISIS fighter creating a video on how to build a pipe bomb, we can take that video, scrape those faces and put that face on a watchlist,” Graves said. “So if they come close to a [checkpoint], we will have that local watchlist and say, ‘That’s a bad guy, maybe put this person aside for additional screening.’”
He said video will become a more important identity and access management capability in the future.
DoD is using Amazon Web Services to demonstrate by March the concept of connecting closed-circuit television cameras and send the video feeds to an analytical back end. Graves said this capability will enable DoD to protect additional buildings because there are CCTV cameras on nearly every structure.
The science and technology office also about three weeks ago successfully tested a new “defense-in-depth” capability where a system used facial capture and recognition at 500 meters away. Graves said DoD has a requirement to do this from 800 meters away.
“We are actually trying to create that bubble further and further away,” he said. “If we can recognize you as a bad person 300 meters away, we can take some corrective action.”
As for the CAC, Graves said the CIO/G6 is looking at how they could use the biometrics submitted to get the CAC to verify employees for physical and logical access.
“It’s kind of a baby-step type of process. We will start with the physical access and then we will move on to some of the logical access,” he said. “DARPA has been doing some work on active authentication. As you are on the computer, it will take a face from the camera and confirm it’s you. They’ve also looked at keystroke, mouse stroke and other active authentication. If you steal my CAC and my PIN, you can’t actually access the information I’m allowed to access. That’s some of the stuff that is further down the road.”
|Feb 23, 2018||Close||Change||YTD|
|Closing price updated at approximately 6pm ET each business day. More at tsp.gov.|