IT at work Archives

The White House is releasing the software code for a website it uses to track the performance of big computing projects, as a way to fix program glitches and share the tool with other government bodies, according to the federal chief information officer.

The so-called IT Dashboard monitors the budget, schedule and functionality of systems under development that cost the federal government about $80 billion annually. But critics and federal auditors say ratings on the site do not always accurately represent the current status of projects.

Still, federal CIO Vivek Kundra says the dashboard has helped reduce IT costs by more than $3 billion and he wants "to tap into the collective talents and ingenuity of the American people, to enhance functionality, improve the code and address existing challenges," according to a post on the White House blog. "Software developers will be able to collaborate, identify errors, develop enhancements and recommend improvements to the dashboard, and find new uses for it that we have not even imagined."

CIOs throughout the nation and the world, such as Maarten Hillenaar of the Netherlands, Kyle Schafer in West Virginia and Jason DeHaan in the City of Chicago, are interested in deploying the accountability software in their respective governments, he writes.

The code underpinning the dashboard is freely available, through a format referred to as open source.

In addition, the Obama administration is publishing instructions on how to conduct "TechStat" sessions, which are in-person meetings Kundra typically holds with agency CIOs to decide what to do with systems at risk of failing.

He writes, "The TechStat toolkit provides a comprehensive guide for organizations to establish their own TechStats to improve line-of-sight between project teams and senior executives, increase the precision of ongoing measurement of IT program health, and boost the quality and timing of interventions to keep projects on track."

White House officials on Friday sent agency chief information officers and senior procurement executives a memo directing them to weigh open source options when buying technology.

Open source refers to technology based on nonproprietary parts, which allow third-party developers to improve and modify the product without having to pay the technology's maker. Advocates have said a move toward open source in the government could save taxpayer dollars and bolster security.

For example, in planning software purchases, "agencies should analyze alternatives that include proprietary, open source and mixed source technologies," states the policy, co-signed by Federal CIO Vivek Kundra, Dan Gordon --- Office of Federal Procurement Policy administrator, and Victoria Espinel, U.S. Intellectual Property Enforcement Coordinator.

The guidance reminds agencies that, according to existing policies, buying decisions should "be free of preconceived preferences based on how the technology is developed, licensed or distributed."

Agency officials "should follow technology neutral principles and practices," which include selecting suitable technology on a case-by-case basis by considering factors such as performance, cost, security, compatibility, ability to share or re-use and availability of quality support, the one-page document states.

Hewlett Packard has nabbed a 10-year NASA megadeal potentially worth $2.5 billion to manage employees' personal computers and peripheral technology, space agency officials announced on Monday.

The job entails providing, securing and servicing most staff computers, agency software, mobile technology services, printers and other supporting infrastructure. Herndon, Va.-based HP Enterprise Services, formerly EDS, will be responsible for outsourcing some of the tasks to other commercial vendors under the contract known as "ACES," for Agency Consolidated End-user Services.

The fixed-price pact covers four base years of work, with two three-year option periods. Program managers will be based at NASA's shared services center in Mississippi.

ACES is part of a larger NASA effort, the IT Infrastructure Integration Program, intended to save money by consolidating procurements and centralizing information technology services. The new HP deal will replace an older long-term contract currently held by Lockheed Martin Corp. called the Outsourced Desktop Initiative (ODIN).

In February, Lockheed, one of the most established NASA business partners, announced the space agency had awarded the company a $230 contract extension for ODIN that ends in Oct. 2011.

The Mississippi facility where ACES will be managed -- operated by NASA, Computer Sciences Corp. and the states of Mississippi and Louisiana -- supports operations at all 10 NASA space centers.

The Library of Congress, which recently shutoff access to WikiLeaks on its computers, may be unintentionally undermining the research its analysts perform for lawmakers, classification expert Steven Aftergood, who regularly publishes a government secrecy newsletter, blogged on Monday.

The Congressional Research Service, a branch of the library that scours bills, news and other primary sources to inform lawmakers of pressing issues, "will be unable to access or to cite the leaked materials in their research reports to Congress," wrote Aftergood, who runs the project on government secrecy at the Federation of American Scientists, a nonpartisan think tank.

Several current and former library employees told him that restricting access to WikiLeaks could degrade CRS analysts' research and may not have a legal basis, he added.

• "It's a difficult situation," said one CRS analyst. "The information was released illegally, and it's not right for government agencies to be aiding and abetting this illegal dissemination. But the information is out there. Presumably, any Library of Congress researcher who wants to access the information that WikiLeaks illegally released will simply use their home computers or cell phones to do so. Will they be able to refer directly to the information in their writings for the library? Apparently not, unless a secondary source, like a newspaper, happens to have already cited it."


• "I don't know that you can make a credible argument that CRS reports are the gold standard of analytical reporting, as is often claimed, when its analysts are denied access to information that historians and public policy types call a treasure trove of data," a former CRS employee said.
• In a press release, LOC explained its actions by citing an Office of Management and Budget memo regarding the obligation that federal agencies and federal employees have to protect classified information. "But LOC is statutorily chartered as the library of the House and the Senate. It is a legislative branch agency. I don't recall either chamber directing the blocking of access to WikiLeaks for/or by its committees, offices, agencies, or members," a different former analyst said.

The library did not respond to Aftergood's request for comment on the issue over the weekend.

Aftergood's summation: "If CRS is 'Congress' brain,' then the new access restrictions could mean a partial lobotomy."

The White House this morning announced much-anticipated contracting reforms that propose changing the budget cycle for information technology projects and developing a path to promotion for IT program managers.

The details of the plan -- announced by Office of Management and Budget Chief Performance Officer Jeff Zients -- are explained in a Nextgov column by Pratap Chatterjee, who is a visiting fellow at the Center for American Progress, a progressive think tank with close ties to the Obama administration.

We'll have more information and perspective on Nextgov later today.

Several House Democrats on Wednesday evening announced they have introduced legislation that would expand the Homeland Security Department's cybersecurity powers, adding to the growing pile of competing bills aimed at protecting the Internet from criminals and foreign enemies.

Rep. Bennie Thompson, D-Miss., the outgoing chairman of the Homeland Security Committee, proposed the 2010 Homeland Security Cyber and Physical Infrastructure Protection Act, along with co-sponsors Jane Harman, D-Calif., and Yvette D. Clarke, D-N.Y. Unlike S.3480, the 2010 Protecting Cyberspace as a National Asset Act, which the Senate Homeland Security and Governmental Affairs Committee passed in June, the House committee's bill would not create new White House positions or make systemic changes governmentwide.

Instead, the new legislation would fortify DHS' cyber capacity by creating a new cybersecurity compliance division within the department to oversee performance-based standards for .gov websites and separate standards for critical infrastructure networks. Thompson stressed that, since 2003, Homeland Security has been designated a focal point for the security of cyberspace, under a presidential directive, but has lacked the authority to fulfill its mission.

Like other bills, the House measure would require DHS to partner with the private sector on developing tailored security plans for critical networks.

Specifically, the Thompson legislation would authorize DHS to:

• Establish and enforce performance-based standards for agencies.


• Alert the Office of Management and Budget when agencies violate standards.


• Decide which commercial networks should be designated "covered critical infrastructure" and provide a way for private firms to challenge such a designation.


• Develop performance-based standards for private networks determined to be critical and enforce such standards.


• Recommend liability protection for firms that comply with the standards and issue civil penalties of up to $100,000 per violation.


• Share and protect relevant threat information with other federal agencies and applicable companies.


• Conduct research and development.


• Develop a strategic cybersecurity workforce plan.


• Hire an additional 500 cybersecurity professionals and grant retention bonuses for personnel that would otherwise leave DHS.

"From a security and good-government standpoint, the way to deliver better cybersecurity is to leverage, modify and enhance existing structures and efforts, rather than make wholesale bureaucratic changes," Thompson said in a statement.

Harman added, "Cyberattacks, whether originated by other countries or sub-national groups, are a grave and growing threat to our government and the private sector. This bill provides new tools to DHS to confront them effectively and make certain that civil liberties are protected." In June, Harman introduced a House version, H.R.5548, of the Senate committee's bill that is still pending in Thompson's committee.

Clarke noted, "This bill will protect our country from a growing risk of 'hacks' and better allow the department to fulfill its duties of protecting our nation."

The city of Cleveland, Tenn. is removing computer games and blocking social networking sites, such as Facebook, from city-owned computers, the Cleveland Banner reported.

"If you pay an employee for eight hours' work, then the employee needs to give eight hours," Cleveland City Manager Janice Casteel told the newspaper. The city is located about 40 miles from Chattanooga.

Among the games removed are those that come pre-installed with the computer such as Solitaire, the Chattanooga Times Free Press reported.

One city employee told the Chattanooga paper that she heard employees would bring their own games, and IT specialist Sherry Goines told the paper that "a lot of employees still use city cell phones to get on Facebook while they are at work."

When hackers on Tuesday exploited a security flaw on the social-networking service Twitter to corrupt messages from users -- including the White House press secretary's account -- the breach seemed to be a joke rather than an effort to bring down systems.

No one appeared to take the threat seriously at first, perhaps because they didn't know what was happening. How are Press Secretary Robert Gibbs and other federal employees supposed to know the difference between a malicious attack and a prank? And what are they supposed to do in response?

The bogus posts, or Tweets, that Gibbs unknowingly distributed to everyone subscribed to his updates -- his followers -- consisted of illogical letters, symbols and numbers.

During a press briefing, he said, "I thought I'd done something horrific to my own computer and quickly made sure I didn't spill anything on my keyboard or -- because at one point on my computer it just had people's names on Twitter and then all of their . . . message was blacked out as if the whole thing was redacted. I thought that was -- at first I thought that was somebody's message and I thought, I don't know what that means, but that's kind of funny. But then I realized it was happening to half my messages."

A reporter asked Gibbs, "But why doesn't that [hack] concern you, that there might be some sort of security breach in the messages that you're disseminating from the White House, that this could be scrambled or misinterpreted or redirected in some way?"

His response: "Well, again, since the words didn't equal -- since the combination of letters and numbers didn't actually equal a message, I'm not worried about that code being misinterpreted."

What if Twitter or Facebook, also widely used in government, starts rapidly spreading a virus that wipes out devices -- and, again, no one knows what's happening?

The reaction throughout the Twittersphere on Tuesday lends some hope that the social sector will come to the rescue. The Twitter website and Tweets from affected users quickly informed the noninfected that something odd was happening and that the company was working to patch the bug. So, at the same time that the social service was spreading gibberish and, reportedly, porn, it also was spreading helpful information.

A rearrangement of staff within the White House may dilute the already weak enforcement of the president's open government directive, the Washington nonprofit Sunlight Foundation contends.

Office of Management Director Peter Orszag, who issued the memo to agencies, has exited. And White House Counsel Bob Bauer reportedly is taking on the added responsibility of open government oversight, which had previously fallen to Norm Eisen, the outgoing special counsel for ethics and government reform.

So far, the only penalty an agency gets for ignoring the directive is the embarrassment of a red light next to its name on a "dashboard" -- an online scorecard. The directive is supposed to institutionalize a culture of disclosure, public participation in government and collaboration with agencies, nationwide.

But Sunlight's Policy Director John Wonderlich writes on the group's blog:

The open government directive can either become a dated, rhetorical memo, or a transformative commitment to a new era of openness. Only if the White House holds agencies to their requirements and plans can the directive have real force. OMB Director Orszag has left, and with Eisen leaving, enforcement faces more uncertainty. When the public compliance dashboard doesn't meaningfully differentiate between failure and progress toward meeting expectations (compare the yellow to the red in this chart), we can expect clarity in enforcement to continue to be a concern.

With its 2010 decennial count well underway, the Census Bureau already is looking forward to the next challenge: planning for 2020. According to the bureau's head, the next count will incorporate more technology than what currently is being used.

In a press conference this week, Census Bureau Director Robert Groves said that an Internet response option, along with portable technologies to ease door-to-door counts, are a must for the 2020 decennial census. The bureau originally planned to give employees handheld computers but scrapped the idea in part due to cost concerns.

"We have no idea what it's going to look like," Groves said. "So, a handheld is going to be so 2010 by the time we talk about the 2020 census. We'll have a different word for it, but it'll be there."

Groves also said that people will have the opportunity to complete questionnaires via the Internet, but he doesn't believe that many will forgo the paper option, nor that responses will increase drastically with an online component.

The Census Bureau has been plagued by technology problems. In addition to concerns about handheld devices, its software systems earlier this spring experienced technical bugs that threatened to slow progress. But Groves reported that the bureau has processed 47,000,000 forms as planned.

"It worked," he said. "It wasn't pretty, but it worked, and we have successfully completed that phase."