Consumerization and Government: The Power of Policy
Author(s): Venkatapathi Puvvada, Posted on September 13th, 2011
The consumerization of IT in government is a promising concept, but making it a reality is easier said than done. The federal government needs a standardized approach to adopting consumer technologies while addressing top priorities like security, privacy and data governance.
Government-wide compliance policies for security such as FedRAMP serve as good models for standardizing consumer solutions and services for government. However, with a recent upswing in the number of personal mobile devices within government, there is still a great deal of work that needs to be done.
IT Needs Government-wide and Agency Specific Standardization
Government-wide policies should attack the issues of employee privacy and national security in a standard and reusable fashion. For example, the Obama Administration should establish a mobile device policy that does not infringe on the rights of federal employees by tracking their geographical location and sets mobile security standards for data access and sharing. This would require buy-in from employees and assurances that they understand their roles in protecting government data on their mobile device.
This goes beyond applying Federal Information Security Act (FISMA) principles to mobile devices. The government needs specific standards that uniquely regulate enterprise applications and smartphones for the federal workplace. Such policies must consider the varying levels of security required for different agencies—whether defense, intelligence or civilian.
We also need individual policies for each agency. It is important to remember that one size does not fit all. For example, the Defense Information Systems Agency handles highly sensitive, classified information and operates its own data centers and private clouds within the Defense Enterprise Computing Centers. But other agencies that do not handle national security data may have a policy to adopt public cloud. Agency-specific policies for programs such as bring “your own device to work” and telecommuting should be designed accordingly.
Continuing Standardization under New Leadership
Former Federal CIO Vivek Kundra understood the rate at which consumer technologies are infiltrating government. His efforts to standardize consumerization sought to close the gap between reality and IT managers’ perceptions of the amount of consumer tech in government and enterprises.
As Steven VanRoekel takes over the role of Federal CIO, many are wondering how existing policies will change and what new policies will take precedence. VanRoekel should continue Kundra’s policies on program management, data center consolidation and cloud computing.
Consumer technology presents the opportunity to reduce costs without the need to invest a significant amount of capital which government cannot afford today. VanRoekel must apply agile and innovative thinking to standards as we move forward into the next generation of government.