Ken Cochrane | Identity's the key to a better Web

 

Connecting state and local government leaders

GCN Interview: As CIO of an organization with more than 470,000 employees, 1,600 points of service, and a mission to serve a far-flung population, Cochrane has seen his role take on new dimensions as Canada attempts to harness Web 2.0 technologies.

One difference between Canada and other countries is some of the tools we use. Everybody's using tools to make sure there's compliance. One of the important tools we use is the Management Accountability Framework. Each department and agency is assessed based on evidence as to how well they are exercising good management in their enterprise: How are you managing your policy and programs? How are you managing your people? What about citizen-centered service? What about stewardship? We have 21 areas of management we assess. It's like modern comptrollership on steroids.We're trying to get to a point where there's more self-assessment, based on indicators that already exist in the system as opposed to having to look through loads of evidence. Say we're looking at IT and I want to quickly assess if you're doing a good job with your desktop services. I look at total cost of ownership, mean time to rust-out, or something, to make sure that you were really sustainable and running the operation well.This was the first year that we've set up a portal for this, so there is a database that is loaded by departments. Over time, we will standardize the reports and make those easier for us to deal with.I think another difference is it's somewhat unique that in the role of CIO, I have responsibility for a number of policy areas but also for governmentwide leadership for IT, identity management, security, privacy, access and so on.Probably the other place where we're most active is identity management.Please elaborate. Although I think the [United Kingdom] is talking about a single identity card, that concept makes people very nervous in Canada and the United States. That's not what we're talking about. If a time came when we needed one, what we're doing under identity management would facilitate that ' by setting the standards around the management of identity.When we look at identity, there are two sides to it. One is security for the safe movement of people across borders and into the right places. The other side is service ' making sure you are who you say you are when we provide you with access to a service. We've worked very hard on the terminology: What do we mean by identification ' or by identifying documents? What do we mean by registration, when you register for a program? Or authentication ' when you come back and visit a second time? Or authorization ' are you authorized to do one thing or 10 things?We now have a standard model that defines all those terms. Now we are starting to standardize assurance levels ' from zero, let's say, to four. Zero level of assurance says, 'There's really no security required; you can come in and gain access to things.' Level 1 says, 'It would be nice to know who you are, but all you're going to be doing is looking at information that could be acquired, maybe, publicly.'Level 2 says, 'Hold on ' we need to know who you are because we may show you some information about yourself when you ask for it.' Level 3 may say, 'I'm going to give you deeper access to your account ' maybe multiple years' worth of tax returns or a list of your dependents. It is information we don't want to go to anybody but you ' not even your mother.'Level 4 would deal with entering very secure facilities that we don't want anybody else in or top-secret data. Defining assurance levels is really important because it works in two ways. No. 1, it works with the credential. And we also apply the same model of assurance to the event or transaction. Some events are Level 0; some are Level 3 or 4. Our model tries to establish standards for determining what level the credential operates at and what level the transaction or the event requires.This is very helpful because it lets us speak to any jurisdiction about what we're talking about. I could issue a credential to you, and if they trust me that I've issued it effectively, then they would let you use your credential with their services, too. We're talking to the banking community in Canada to see if these standards would work for them as well. I don't care who issues the credential as long as we have trust that they've done it effectively. One is we have rules in place whereby procurement has to meet certain criteria in terms of disposability of the equipment and energy saving.Second, we're trying to get people to use different technologies to minimize their carbon footprint. Can you use videoconferencing or collaborative tools? For example, we engage 10,000 Canadians every year using surveys, but we rely more on focus groups. We were able to run these remote focus groups, via the Internet, with people from across the country, at a fraction of the cost of what a focus group would cost.The last piece is consolidation. We've focused on three tracks: consolidating networks, consolidating data centers, and we're trying to establish a standard desktop. We're in the approval process to set up a major data center in Ottawa that collapses probably about 40 to 50 data centers (among about 140 data centers nationally) into this one ' initially by 2011. (Laughs.) We haven't even got to 2.0. But to me, Government 2.0 is more than Web 2.0. It's the modernization of internal services, getting the right workplace and the workforce on all those dimensions ' and coherency. But you have to worry about the next generation.So it was a messaging piece. What does 3.0 mean? Maybe it means the big shift in government services. Take the concept of mash-ups. Other people can offer our services ' geospatial data and climate data and other data we have ' and connect it and offer services that we don't offer.There's always an entrepreneur that says, 'I found A and B, but we're going to add C, and guess what I've got? A new service nobody thought of.'I don't think 2.0 really talks about that so much; it talks more about collaboration. I think we'll see something emerge that's even more interesting; there's going to be a revolution ' just like in early 2000 with the whole craze around the Web.Now, the only thing is, to me, I think we need some good identity management. If we do a good job and we can share the standards, then it works for everybody.

Ken Cochrane, Canada's chief information officer

Teckles Photo Inc.

When Ken Cochrane took the position of Canada's chief information officer two years ago, one of his top priorities was improving identity management.

'I still don't think it means a single card,' he said ' but 'having the right elements that interoperate are really critical.'

As CIO of an organization with more than 470,000 employees, 1,600 points of service, and a mission to serve a far-flung population, Cochrane has seen his role take on new dimensions as Canada attempts to harness Web 2.0 technologies.



GCN: The Canadian government earns high marks for its use of information technology. What lessons have drawn the greatest interest from your counterparts elsewhere in the world?

Ken Cochrane:









GCN:

Cochrane:



GCN: And what steps are you taking to establish those standards?

Cochrane:







GCN: How are you approaching assurance?

Cochrane:



GCN: What other steps are you taking to improve service or efficiency?
Cochrane:





GCN: You've written that government CIOs will need to look further into the future and plan for Government 3.0. What is your vision for Government 3.0?

Cochrane:








NEXT STORY: WebLogic security hole found

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.