Summaries for June 15, 2009

HE WANTS TO SAY ONE WORD TO YOU: PLATFORMS
Vivek Kundra describes his job satisfaction as that of "a kid in a candy store." And why not? The federal government is the ultimate candy store for anyone interested in creative application of IT and organizational transformation. If you are in the world's biggest candy store, though, the choices can be so overwhelming as to produce paralysis unless you have a clear picture in your head of where you want to go. Kundra seems to have that clear picture. -> Read More

OPEN GOVERNMENT ONLINE PROVES ELUSIVE
Open government is turning out to be a more ambitious and problematic project than perhaps the new administration anticipated. One simple reason is that really good web sites don't happen to be particularly easy to construct, and often the ambition has run ahead of the online reality. This may be why the most functional of the open-government web sites to be launched by the Obama administration so far is data.gov. Others, like recovery.gov, haven't gone as well. -> Read More

                                                                            Advertisements

KBR MIGHT HAVE SCREWED UP, BUT COMMISSION FOCUSES ON GOVERNMENT
The word "KBR" appears 37 times, the word "LOGCAP" 140 times, all within a 121-page report. That alone might give you an idea of what the interim report of the Wartime Contracting Commission is all about. Released June 10, the report focuses on logistics, security and reconstruction contracting in Iraq and Afghanistan. The report spends a lot of ink on KBR (formerly Kellogg, Brown and Root), the prime contractor for the LOGCAP series of contract, but it takes the government to talk for poor oversight. -> Read More

GOVERNMENT REACQUAINTS ITSELF WITH NET GATEKEEPERS
Although it did not get a lot of press, a major cyber security initiative was announced this month by the National Institute of Standards and Technology. NIST said it would work with the National Telecommunications and Information Administration (NTIA, another Commerce Department agency) and the Internet Corporation for Assigned Names and Numbers (ICANN) on a new project. The goal: To accelerate deployment of security technology called DNSSEC, or Domain Name System Security Extensions, at the Internet's authoritative root zone. -> Read More

• He Wants To Say One Word To You: Platforms

  Vivek Kundra

  Vivek Kundra describes his job satisfaction as that of "a kid in a candy store." And why not? The federal government is the ultimate candy store for anyone interested in creative application of IT and organizational transformation. If you are in the world's biggest candy store, though, the choices can be so overwhelming as to produce paralysis unless you have a clear picture in your head of where you want to go. Kundra seems to have that clear picture.

  As the administrator for e-government and IT and CIO within the Office of Management and Budget, Kundra is updating the Lines of Business initiative and other policies, as well as the way the office oversees the vast portfolio of agency IT investments. Underlying the new approach is Kundra's perception that technology is changing so fast that many IT functions ought to be conducted in a federated manner, almost as a subscription, delivered up by a platform negotiated, hosted and operated centrally. He said this will free agencies from much of the architecture and contracting drudgery they now engage in.

  It would trivialize it to liken this approach to the way individuals subscribe to social media and other so-called Web 2.0 services, but it does share their underlying theme of people provisioning themselves with capability to use as they see fit.

  Kundra uses the word "platform" to summarize how he wants agencies to obtain -- eventually -- a long list of IT applications. It's a word you are going to be hearing a lot.

  Platform incorporates elements of shared services, lines of business, and cloud computing, but it isn't precisely any of them. To Kundra, a platform is a governmentwide service from which any agency can provision itself for a particular IT function. The cloud computing initiative, now being explored for a future contract by General Services Administration (see last issue), is the first platform Kundra wants to deploy. From the point of view of a using agency, a platform will look like a service to be used as needed. The benefit? There is no need to develop the capability or to award a contract for it separately.

  "Why invest hundreds of times?" Kundra said. He envisions an entity from which agencies -- in the same time it takes to set up a social networking account, that is, minutes -- will extract services such as security, provisioning of servers, accreditation services and other common functions. The platform strategy not so much builds on the Lines of Business shared services model as supersedes it.  He estimates platforms "will save hundreds of millions of dollars. That's the promise of technology happening horizontally."

  OMB will not, at first, attempt to establish platforms for complex services like agency finance or human resources. Kundra's plan is to start with common, but simple, services: blogs, public feedback, photo and video servers, and lightweight collaboration. He called these the lowest common denominators.

  "It will take time and energy to stand up a center" for platform-provisioned services, Kundra said. But the agency he is eyeing to become the locus of platform development is the GSA, as evidenced by it getting the assignment to come up with a governmentwide cloud computing solution. GSA is the main contract provider for the government, so what Kundra envisions for it would be something of a different orientation, but not an unprecedented one. Back around the turn of the century it offered seat management, but had few takers.

  Now, "GSA will become the center of gravity for government as a platform," Kundra said. Agencies that might have developed a platform capability, he added, will offer it governmentwide via GSA.

  But eventually he sees more high-level functions moving to the provisioning platform, as agencies adjust or transform their business processes to take advantages of the economies of governmentwide platforms. The closer an application is to a particular mission, Kundra said, the more it is likely to require reengineering in order to migrate to a common platform.

  Kundra acknowledged that certain agencies will always have applications specific to them. He cites FAA's air traffic control system or command and control systems in the Defense Department. And, for the platforms, he said the government will have to use several models, depending on the criticality or confidentiality of the application. The platform could be government-owned and operated, contractor-owned and operated, or government-owned and contractor-operated.

  Asked about the other big issue, how the Orszag-Kundra OMB will watch over the several hundred IT investment projects that the previous administration graded quarterly, Kundra said to wait until the dashboard he promised earlier this month is in place. It will be the principal tool for looking at progress and adherence to performance goals. But he also said that he hoped dashboards themselves would eventually be offered from a platform to agencies with their individual dashboard needs.

  Return to top

---

• Open Government Online Proves Elusive

  Open government is turning out to be a more ambitious and problematic project than perhaps the new administration anticipated. One simple reason is that really good web sites don't happen to be particularly easy to construct, and often the ambition has run ahead of the online reality.

  This may be why the most functional of the open-government web sites launched by the Obama administration so far is data.gov. That site aggregates data agencies are already compiling and publishing. Agencies merely need to direct a feed to data.gov, basically, and voila. Earlier this month, Vivek Kundra, the Office of Management and Budget administrator for e-government and IT, promised that sometime this summer, 100,000 sources of data would be found at data.gov. Managers at each contributing agency only have a few steps to do for their data to wind up at the new portal. My personal bias is that I think data.gov is a very good idea with much potential. The Sunlight Foundation of Washington, D.C., which suggested a design for data.gov that OMB fairly closely followed, is offering a reward for the best mash-up using sources from data.gov.

  Recovery.gov has been more problematic. It is not a bad site, but so far it simply does not live up to the promise, made by the president himself, that it would show all of the contracts and grants and who they went to, under the American Reinvestment and Recovery Act. Unlike data.gov, recovery.gov is part of a vast new requirement of agencies relating to the reporting and transparency requirements imposed by OMB for stimulus dollars. Thus the site displays macro numbers obligated, but not contract detail.

  Tellingly, it has spawned competitors with significantly more fine-grained detail. One is from a sales consulting firm called Onvia of Seattle. And then there is the site created by Jerry Brito of the Mercatus Center at George Washington University. Aware of the problem, the administration is already setting to replace recovery.gov. Just last week, the Washington Business Journal reported that the General Services Administration issued a pre-solicitation notice for a contractor to basically start over and build a new recovery.gov. The solicitation was expected to hit FedBizOpps on Monday, June 15.

  Ironically, June 15 is the same date on which the White House's open government initiative is to expand to, well, everybody in its final "draft" stage. The so-called "brainstorm" phase, hosted by the National Academy of Public Administration (NAPA,) ended earlier this month, with 3,752 ideas, after de-duping and removal of inappropriate postings. The next phase, "discuss" disorientingly takes you to the Office of Science and Technology Policy blog. What happened to the 3,752 ideas? Well, if you read some of them you'll find yourself pretty far afield from the spirit of the White House initiative. A rant called "Stop Obama Administration Extortion got 20 "looks promising" votes. The reality is that serious, civic-minded discussion is buried in irrelevant (or worse) postings. That might be sad, but it certainly shouldn't be surprising. Anyone who reads the comments posted to news stories even in major media outlets will find similar silliness. No editor would ever consider as suitable for the printed editorial page one percent of the daily raft of comments.

  I don't doubt the White House's sincerity in launching the open government initiative, or of the organizations, like NAPA, that are supporting it. But what is the likely result of this effort? Disappointment or disillusionment of the earnest participants, unless the crud is cleared out. There's another danger. Cynics might look at all this effort and conclude the White House initiative is merely a soporific for the masses while the administration pursues whatever agenda it had in mind all along.

  Return to top

---

• KBR Might Have Screwed Up, But Commission Focuses On Government

  The word "KBR" appears 37 times, the word "LOGCAP" 140 times, all within a 121-page report. That alone might give you an idea of what the interim report of the Wartime Contracting Commission is all about. Released June 10, the report focused on logistics, security and reconstruction contracting in Iraq and Afghanistan. The report spends a lot of ink on KBR (formerly Kellogg, Brown and Root), the prime contractor for the LOGCAP series of contract, and, to be sure, the horror stories go on and on.
  
  Co-chairs of the commission are Michael J. Thibault, a former Defense Contract Audit Agency director and chief compliance office of Unisys, and Christopher H. Shays, former chair of the House Oversight and Government Reform Subcommittee on National Security and Foreign Affairs. Their report is not primarily written to excoriate KBR. It is to take the government to task for the way in which it handled a contracting operation involving 240,000 workers, nearly 8 in 10 of which are foreign nationals. Thus the danger to the IT community in this report is the potential for misinterpretation of it. Anyone involved in the acquisition chain -- from program manager to contract officer representative (COR) -- should read it and not simply rely on media recitations of snippets of it.

  At the danger of oversimplification, the dominant impression I get from reading the report is this: Too much activity and too few people to make sure it was done right. So ultimately the shoddy work, cost overruns and waste are on the government. Keep in mind the focus of the report is contingency contracting in support of a war operation, and that brings challenges of its own. Yet many of the lessons from the report apply to any large scale acquisition and contract management situation.

  The issues raised in the report cover the waterfront. The authors stress sheer manpower over and over. For example, the Defense Contract Management Agency has level staffing at 4,000 as DOD annual contract transactions, between 2000 and 2006, rose 328 percent to 1.3 million.

  Training also comes up -- lack of it and lack of access to it in theater. Would-be CORs could sometimes not access online training from Defense Acquisition University because of limited bandwidth. In fact the IT infrastructure supporting the whole enterprise of contracting in Iraq and Afghanistan was found by commissioners to be inadequate. They singled out the Federal Procurement Data System-Next Generation (FPDS-NG). One problem is that users of the data can't search it in a way to distinguish contract actions related to a national emergency or wartime contingency, versus the procurement of office supplies. So would-be watchdogs are forced to look at several data sources to triangulate in on what is going on. "The federal information systems’ inability to provide reliable information has undoubtedly complicated contingency-contract management," the report states.

  Plus, the report makes it clear there was no planning for the possibility that someone might want a complete view of the extent of contractor support activity. It took until April of 2009 for a system called SPOT (Synchronized Pre-deployment and Operation Tracker) to account for barely two thirds of contractors working in Southwest Asia support. The authors add, however, that DOD has made progress in sharing lessons learned about contracting, such as "creation of a Joint Contingency Contracting Community of Practice knowledge portal that is housed on the Defense Acquisition University web site." 

  The government is not alone in having IT weaknesses leading to contingency contracting problems. "We learned that roughly 30 percent of contractor business systems audited by the Defense Contract Audit Agency contained significant deficiencies." And a big fallout of that is a lack of cost control at the subcontractor level.

  The report is a dense but clear read. It goes deeply into policies over what is inherently governmental, pricing issues, and plain contractor performance, as well as poor requirements planning. One example: a dining hall lacking a roof that could withstand a mortar hit. It was built during the height of the Iraq insurgency. The problems multiply on one another until a large portion of $830 billion is wasted. And now the LOGCAP IV, tri-contractor program is running into problems as the Afghanistan effort ramps up.

  Return to top

---

• Government Reacquaints Itself With Net Gatekeepers

  Although it did not get a lot of press, a major cyber security initiative was announced this month by the National Institute of Standards and Technology. NIST said it would work with the National Telecommunications and Information Administration (NTIA, another Commerce Department agency) and the Internet Corporation for Assigned Names and Numbers (ICANN) on a new project. The goal: To accelerate deployment of security technology called DNSSEC, or Domain Name System Security Extensions, at the Internet's authoritative root zone. The authoritative root zone is comprised of the crucial servers that associates common domain names, like www.fedinsider.com, with their numerical addresses on the network. Loss or disruption of this critical association would wreak unknowable havoc on the internet. It would be as if every street sign name was suddenly changed.

  The announcement is also significant in that it subtly signals the United States' preeminence in ensuring reliability and assurance of the net. It was the Clinton-era Commerce Department that did away with the monopoly of Network Solutions in doling out URL names and numbers. ICANN was the international democratization of that function. It gave rise to thousands of domain name assignment companies, ranging from small shops to big, well-known companies such as GoDaddy with their $1.99 domains.

  Underlying the security initiative is the fact that ICANN is near the end of an operating agreement dating back to 1998 between it and the Commerce Department. After September, ICANN becomes accountable to -- nobody knows at this point. Other countries, and in particular the European Union,  have been suspicious that the U.S. controls ICANN. Some in the U.S. worry that a completely untethered ICANN could be hijacked by other actors with less-than-noble goals for the Internet.

  Meantime, it may be true that nobody owns the Internet. So each user, whether a federal department or a small business, has been pretty much on its own with respect to ensuring security of its own connection. But the root zone is within the heart of the Internet itself, and known vulnerabilities have worried experts for many years. Part of the problem is devising a solution that can scale up to the size of the Internet without stopping it cold. The original protocols of the Net itself were designed for fast scaling, not for security. So there is plenty of engineering and testing ahead before the DNSSEC protocols can move beyond .gov and other official domains outside of the U.S. Since NIST scientists have been on the DNSSEC committees all along, they are in the best position to help a more widespread deployment.

  Return to top