Government agencies across the country face a variety of IT challenges, one of the most pressing being how to effectively integrate new technologies into existing IT systems to increase efficiency, reduce costs, and meet the demands of the modern citizen. And on top of that, the question becomes how should government do all this while effectively incorporating monolithic systems and ensuring that federal information remains secure? Legacy systems alone simply cannot provide the level of service that agency IT teams need to improve citizen engagement and data analysis. Equally as important to consider is the security threat that government systems face on a daily basis. Any new technology that organizations employ must be resistant to outside threats, integrate seamlessly with existing architecture, and aim to help citizens prosper.
So how should government agencies adapt and build for the future while simultaneously managing and integrating legacy systems? Agile development with DevOps, cloud security with FedRAMP, and cost-savings objectives through FITARA can help.
Shifting to a DevOps model allows for continual collaboration between developers and the operations team and allows agencies to become more agile. It reduces the need for the heavy lifting that legacy systems require and even offers flexible space for IT failure. That is, agencies have greater leniency to experiment with different solutions that they’re simultaneously developing and using within the agency. For true DevOps and agile success, agencies are able to make quick, smart decisions around their infrastructure with outcomes that provide real business results. The collaboration between development and operations can help in releasing working applications more quickly and streamlining the process of building, testing, and releasing software for agency-wide use.
Several years ago, federal policy makers realized that cloud is able to save agencies both time and money, yet had security concerns around the solutions. In response, FedRAMP, or the Federal Risk and Authorization Management Program was implemented. With FedRAMP, cloud services used by federal agencies are vetted for strict security protocols. The program was designed to standardize the federal government’s security approach to cloud computing with the goals of reducing government spending, increasing efficiency, minimizing waste, and ensuring that federal information remains secure.
With new initiatives surrounding the FedRAMP program, like FedRAMP High and the accelerated CSP approval process, FedRAMP is increasing its security standards and transparency. FedRAMP High is already being piloted in the DoD and DHS and aims to protect data that’s highly sensitive, though not sensitive enough to be named “classified.” FedRAMP Accelerated seeks to cut down the FedRAMP authorization process from 6-12 months to 3-6 months. With faster approval timelines that increase communication and transparency among the Joint Authorization Board (JAB) and the vendor, the FedRAMP team hopes to help vendors be more prepared while also helping agency’s more effectively plan for future procurements.
Even more, many state and local agencies are embracing the tenets of FedRAMP in order to bring cloud cost savings to their organization while maintaining the security protocols set by their federal counterparts. By adopting FedRAMP certified solutions, organizations at all levels of public service can feel confident that their data and applications in the cloud are protected.
Beyond contracting guidance, legislators have also helped to break down IT silos and encourage more collaboration within and between agencies. The Federal Information Technology Acquisition Reform Act, or FITARA, streamlines technology acquisition and enables teams to identify cost savings opportunities across various programs. Due to decentralized management practices and the absence of a central oversight authority to manage software agreements, the federal government spends approximately $6 billion per year on more than 42,000 software transactions. This results in the purchasing of unneeded products, a lack of inventory knowledge, and little to no sharing across government agencies that would allow for better purchasing.
Over the past few years, FITARA has aimed to fix these issues. The act, in conjunction with the OMB category management initiative, directs agencies to buy and manage shared commodities in a more coordinated fashion. A recent release on the program guides agencies to adopt more centralized and collaborative software management practices and generally forbid terms and conditions that prohibit sharing prices, terms, and conditions with other government agencies. Furthermore, within the next month, agencies are expected to appoint an internal software manager and supporting team to help more effectively comply with FITARA. In the next few months, agencies will also be expected to report on their current-state of IT: by September 30, 2016, federal departments must compile a baseline of their commercial software licenses purchased, deployed, and in use and by November 30, 2016, and each quarter afterwards, every agency must report to the OMB Integrated Data Collection all cost savings attributed to improved software license management.
While these new deadlines and requirements may seem daunting, government-wide, duplication efforts could be reduced by increasing the number of agency-wide software agreements, allowing for better management practices through automated IT asset locater tools and business intelligence software. And as Congressman Gerry Connolly, a proponent of the act, shared here, even in the initial stages of the transition, communication has increased between various CIOs and CFO, which theoretically will lead to a better understanding of what of technology and reforms are needed now and why. USDA, DOT, and Commerce are already leading the FITARA push and are helping other agencies find success with FITARA by offering these tips.
Technology will continue to develop and transform how government works. The key is to keep up with trends, plan for the future, build in resilience, and find the right solutions at the right value. For more on how your organization can confront the past and prepare for the future, check out the Innovation in Government Report in GCN.