At the beginning of 2020, the idea that the vast majority of the federal workforce would be working from home seemed like a remote (pun intended) reality. However, due to shelter-in-place orders across the U.S. this spring, much of the public sector work was being done from kitchen tables, guest bedrooms, and home offices. This fast pivot to remote work left agencies scrambling to get devices to employees now separated from their desks, develop reliable and secure connections to enterprise systems and applications, and re-engineer decades-old processes to accommodate fully virtual teams. Some examples include:
The Department of Homeland Security (DHS) created a workaround to give employees access to systems when they could not use their PIV card. An alternative credential process was created in under a month, enabling DHS to issue credentials that included logical access tokens to give employees and contractors access to DHS networks only. Unlike a PIV card, this credentialing system doesn't have the employee or contractor's photo ID or allow physical access to a DHS building.
We've covered how government procurement is evolving to meet the way agencies implement and consume technology. From agencies' use of public cloud platforms to agile development methodologies, old acquisition methods are unable to keep up with the pace and process required by modernization and digital transformation goals across government. In fact, the Modernizing Government Technology (MGT) Act was implemented to allocate funds specifically for the update of legacy IT systems to help agencies improve service delivery to the public, secure sensitive data and systems, and increase efficiency. To meet these mandates, procurement processes and technology have to change to be more in tune with the digital transformations happening at the operational level.
The Federal Risk and Automation Management Program, more widely known as FedRAMP, was put in place in 2011 to create a standardized approach to evaluating the security controls of cloud solutions for government use. For nearly a decade, FedRAMP has continually evolved to keep up with the growing availability of and demand for cloud solutions. In fact, the number of authorizations granted between 2016 and 2018 increased roughly 33% year over year.
With this in mind, the latest modernization of FedRAMP may be coming via the FedRAMP Authorization Act of 2019, which would expedite the approval process. Of particular interest is language in the bill that introduces the "presumption of adequacy." This means that once a cloud vendor is authorized through the FedRAMP process with one agency, it is cleared to work with other agencies under that initial authorization. The legislation also formalizes roles and responsibilities, designating the Office of Management and Budget as responsible for FedRAMP policy and making the General Services Administration in charge of day-to-day implementation. Finally, the bill stipulates metrics to track the implementation of the program.
Further influencing the demands on FedRAMP is the quick surge of support for flexible cloud solutions to enable telework environments amid the COVID-19 response. These developments may have a significant impact moving forward. While private industry is stepping up and offering technology for free to help secure public health and safety, the federal government must still look to FedRAMP guidance in utilizing cloud solutions. Today, more than ever, a quick and efficient approval process is essential.
The U.S. Department of the Treasury is the steward of U.S. economic and financial systems, and is responsible for maintaining the nation's financial infrastructure. This includes the production of currency, the disbursement of payments to the American public, revenue collection, and the borrowing of funds necessary to run the federal government. The most familiar agency within Treasury may also be the most dreaded, the Internal Revenue Service (IRS). With tax time approaching, we thought it was a good time to look at the challenges and focus of the Treasury.
Cybercrime - The Treasury has always been focused on preventing fraud related to currency and tax evasion, but much like the Department of Defense has recognized cyberspace as a new battlefield. Treasury is now focusing on the Internet as the primary stage for money-related crimes. The speed at which crimes are carried out online require new techniques and tools. The use of cryptocurrencies to mask criminal behavior is also a huge focus of the Treasury's investigative departments.
Cloud - Like the Intelligence community, Treasury is looking to develop a cloud solution that meets the unique security needs of its mission while delivering on the efficiencies of the on-demand nature of cloud. The Department is developing a proposal for "T-Cloud," an enterprise wide suite of cloud and professional services across multiple providers. The goal to is award this contract and get it implemented by 2022.
Citizen Experience - The IRS may be one of the most visible government agencies as citizens interact with them at least once a year. With their high touch with the public, the IRS has been a leader in redefining what customer service means in government. In fiscal 2018, 90% of customers were satisfied with their service via phone or a tax assistance center. This does not mean the work is done. A recent report gave the IRS a C+ on its use of language, saying the agency needs to make their web content more user-friendly using Plain Language
For those working at or supporting the Treasury, there are several upcoming events that can help bring these challenges and their solutions into focus.
With the government fiscal year starting in October, our Federal government gets a head start on their New Year's resolutions. As we launch into a new year--a new decade, even--we wanted to take a quick look at government technology priorities for 2020 and beyond.
Cybersecurity - In the past decade security has transitioned from a stand-alone technology that had to be added to planning and systems, to a utility-type service that is baked into every piece of technology deployed within government. This fall, Federal CIO, Suzette Kent shared her focus areas for the next year (and beyond) to include cross-agency information sharing, improved identity management, and increased workforce cybersecurity literacy.
Reskilling - The introduction of automation into administrative functions is driving a need for employees to be re-skilled. While machines are not taking over the jobs of humans, they are improving efficiency in many roles, freeing up time for people to take on more complex (and frankly, more interesting and more important) roles within an organization. Continue reading →