Karen Evans | The straight story on OMB's Internet connection policy

 

Connecting state and local government leaders

GCN Interview: The Office of Management and Budget's administrator for e-government and information technology clarifies the goals of the Trusted Internet Connections initiative.

You shouldn't notice it. Folks who are managing these services ' not the telecommunications services, but the online services like Web sites ' should not notice any difference. Most of this work will be done behind the scenes, and it could be as simple as changing an entry in a table to reroute traffic to a different place.Where this really comes into play is how the department delivers its telecommunications services. Say, for example, the department has a very decentralized approach ' it is only managing Washington, D.C., telecommunications.It may have 10 or 15 regional offices and allow those regional offices to do their own telecommunications. That's where this initiative is going to impact the department, because we're going to rely on the department to know its inventory and to decide how it will manage it. They will have to come up with a plan for how they are going to either collapse [their network] or partner with another agency. So this initiative is saying you have to know what you own in order to manage the risk to an acceptable level.Everybody is focused on the 50, asking if 50 is enough. We know that 1,000 is too many, but we haven't necessarily said that 50 is the cutoff. What we're figuring is, at a minimum, it is probably around 50. Even if you did two per department it comes to around 50.So what the Department of Homeland Security has done, and what most departmental CIOs have done, is [establish] the corporate wide-area network and let the component organizations and program organizations connect up, [but require that] they meet a certain threshold in order to connect.So every department has to work out what are the corporate services and what will be the local services. Anything that is not internal. If you're an agency that is doing something that connects to another agency, that is an external connection. Now that may mean [after the consolidation] it may no longer be an external connection because now it is part of the internal [system]. If we work as one enterprise, then an agency-to-agency connection may be viewed as internal. You still have to meet certain rules of the road, but it is not the same as an external connection.These 50 points of presence actually become the perimeter of the federal government.Everything inside would be zoned. Say department A is getting service from department B, so department B will be looking at department A as a local-area network connection.They would connect the same way you would make your component organization hook up [to the departmental WAN], except it would be bigger from that perspective. They are connecting up to a service provider. In this particular case, you are going through the agency as a service provider.It may well be that everyone would say they really do have a legitimate business need [for more connections] and we agree that they probably should have these connections. But if you're going to have an external connection, the configuration has to be the same as everyone else's. It has to be monitored and managed in the same way.We will still have to work out some of these governance processes. We would have [agencies] compete as in any other line of business to be a service provider for the gateway. Just like we did for the Federal Information Security Management Act reporting, agencies would compete against a known set of criteria. The June 2008 date is not just haphazardly throwing another initiative on top of everyone. When you are looking at meeting that requirement, you don't want to do this in a vacuum. You have to have IPv6 running on your backbone networks as of June 2008, which allows you to do a lot of different things like addressing and [improved] security measures. And then you have HSPD-12, which [requires] two-factor authentication for coming into a network. Everyone will start using their cards to access their services, so you want to build that into your solution. And then people are buying equipment, so you want to make sure that is built into the plan.So we sent out additional guidance to the agencies that gives some specificity of tying these things together through their enterprise architecture, making sure you are taking all these things into consideration and doing these things together and not separately. That is part of what needs to be determined by the [interagency working] groups. The big thing is that each agency doesn't have to do it on its own. It is not really about geographic location. You have to look at the network and network use. It's not like we're saying, 'Let's put 25 east of the Mississippi and 25 west of the Mississippi.' It's not what we are doing. They could. Small agencies could come in and connect through large agencies. I don't want to say this is the way it will work, but it could work. That is why we are working with the CIO Council to do that analysis. That will have to be decided on an agency-by-agency basis. We have agencies that provide services overseas, and we have telecommunications services and rules on how that works. The State Department has been the lead on a right-sizing initiative for a while. That was part of the President's Management Agenda. There will be more than enough money for this effort. This is not an unfunded mandate. What this will require agencies to do is to look at their priorities. So, say you run decentralized, you may want to start to look at the cost of how that decentralization works. If you look at what has been submitted in the president's budget for fiscal 2008, you would see that where we break out telecommunications infrastructure, there is $20 billion there.There is more than enough money to do this. You just have to redirect your priorities. [Government employees] would be authenticating for services on a network through two-factor authentication. We would know who they were and they would be accessing things as approved. We would be managing our risk to an acceptable level while we will be continuing to see improvements to our citizen services. What we are trying to do is build public trust in our online services and improve how we do operations on the back end for our internal services

Karen Evans, OMB's administrator for e-government and information technology

In November, the Office of Management and Budget announced a plan to cut federal agencies' external connectivity points from about 1,000 to 50, including Internet connections (GCN.com/888). In the first half of this year, agencies must work together to establish a select number of shared-services nodes.

By reducing the number of gateways, the government could better protect against security threats. But like any sweeping plan, the Trusted Internet Connections initiative has spawned misunderstanding. Some employees thought OMB wanted to cut their Internet access or take agency Web sites off-line. Karen Evans, OMB's administrator for e-government and information technology, met with editors from GCN and its affiliate publication, Federal Computer Week, to clarify TIC's goals.



GCN: THERE ARE LOTS OF MISPERCEPTIONS OUT THERE. HOW WILL THE INITIATIVE AFFECT AGENCIES AND THEIR EMPLOYEES?

Evans:











GCN: WHAT DO YOU MEAN BY EXTERNAL CONNECTIONS? DO YOU MEAN A CONNECTION TO THE INTERNET?

Evans:











GCN: THE DEADLINE FOR ESTABLISHING THE GATEWAYS IS JUNE 2008 ' AROUND THE SAME TIME FOR HAVING IPV6 ON NETWORK BACKBONES AND MEETING HOMELAND SECURITY PRESIDENTIAL DIRECTIVE 12, AND A FEW MONTHS AFTER HAVING DESKTOP COMPUTERS MEET THE SPECIFICATIONS FOR THE FEDERAL DESKTOP CORE CONFIGURATION. HOW DO YOU SEE ALL THESE SECURITY INITIATIVES CONVERGING IN 2008?

Evans:



GCN: WILL THE GATEWAYS BE DISTRIBUTED BY GEOGRAPHIC REGIONS?

Evans:

GCN: WILL SOME AGENCIES WORK AS SHARED-SERVICES PROVIDERS?

Evans:

GCN: WHAT ABOUT OVERSEAS SITES?

Evans:

GCN: WILL THERE BE FUNDING FOR THE INITIATIVE?

Evans:



GCN: WHEN THE INITIATIVES ARE COMPLETED, WHAT WILL THE GOVERNMENT IT LANDSCAPE LOOK LIKE?

Evans:

NEXT STORY: Used munitions now on eBay

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.