December 21, 2009 By Dan Lohrmann
Wireless Local Area Networks (LANs) have been around for years, but how can state and local governments manage wireless networks efficiently and effectively from an enterprise perspective? Assuming continued technology changes with budget challenges, what governance strategies can help balance security requirements while ensuring adoption and ease of use?
Rhea Linn, who is our wireless LAN project manager for the Michigan Department of Information Technology's Office of Telecommunication, wrote an excellent article on this topic for State Tech Magazine. The article is offered as a best practice for wireless security and safeguarding wireless LANs.
Here is a brief excerpt:
"Our improved solution has helped us to achieve the following:
· Improved wireless security that matches or exceeds our wired standards;
· Enterprise standards and service capability;
· WAN/wireless integration that allows us to provide a WLAN for wide area customers;
· Integrated wireline and wireless policies and practices that provide a seamless logon experience; and
· Affordable, cost-effective service.
So far, 16 state offices throughout Michigan have WLAN services -- 13 in the Lansing Metropolitan Area Network, where the largest number of state employees are concentrated. We also have wide area WLAN implementation in three counties, and APs are installed and awaiting a security decision in five other counties."
Rhea goes on to describe such topics as the specific technology we used, the guest access process for visitors, the policies required and governance involved. You can read more details about this project by downloading this PDF from the National Association of State CIO's (NASCIOs) award web site.
A few observations:
1) Getting the right balance for any infrastructure project between security and ease of use is usually difficult, and wireless networks are not an exception. Speaking from personal experience, there are almost always different perspectives from the networking staff and the security staff - even if they are in the same organization. The battles can get difficult and even nasty at times.
Back in 2004 when I was Michigan's CISO, I was even in the "no wireless" in government camp. I quoted many experts from the National Security Agency (NSA) and other three letter agencies who said that wireless networks were simply not able to be protected. My boss at the time was Teri Takai, now California's CIO. She challenged us to deploy "secure wireless" following private sector advice from companies like Dow Chemical or the Big Three automakers.
Teri was right. With fast food restaurants and millions of other now offering free wireless access, governments needed to offer workable solutions to our clients and visitors.
I give Rhea and the others who worked on this wireless LAN project credit, because they stuck with it and had the perseverance to get the project working and widely deployed. I have spoken with many people from governments around the country that gave up on secure wireless projects out of frustration.
2) Effective governance and a good billing model are essential. I like Rhea's list of lessons learned. She is so right on each of her points regarding policy, processes and technology. We tested, and tested, and tested. We modified our approach several times. Wireless LAN service offerings require constant tweaking.
3) Finally, you need the right staff to get the job done. Proper execution of a good plan should not be assumed. Many things can set a technology team off track. I am thankful for Rhea, the others in MDIT Telecom who worked on this important effort, other infrastructure staff who helped and our Office of Enterprise Security (OES) staff. While the battles got bruising at times, the proof is in the pudding, and the end product works well.
What are your thoughts or questions on implementing wireless LANs in governments?
December 13, 2009 By Dan Lohrmann
A funny thing happened on my way to work yesterday. Actually, the situation was pretty frustrating, and there were a few lessons learned regarding interactive conference calls. Here's what happened:
I was in the car listening in to our normal 7:30 AM "Day Start" call which goes over enterprise-wide status. (To get a sense of what I'm talking about, you can watch this quick video on our technology service management center in Michigan.)
All was going well as I pulled into my underground parking spot at about 7:40 AM. On this morning, we were scheduled to have a issue resolution follow-up discussion regarding one customer with a subset of people.
The roll call began: "Dan Lohrmann."
I said, "Here." There was a long pause. "Dan, are you there?"
I checked my blackberry again. (No, I was not driving at this point.) My phone was not on mute. I said again: "This is Dan, I am here!"
Continuing down the list, "Lynn... Mike.... John.... Judy..." No one responded.
Until, Sue said, "I am here." She continued, "I know that many people were planning to be on this call, I'm not sure what happened. We probably need to reschedule...."
Then came Jack, "I'm here to." A seven minute conversation ensued with several people discussing the importance of the issue at hand, the fact that this was a time-sensitive topic, the scheduling of the meeting, the reality that it was Friday and some were off, the early hour of the call, the level of commitment applied to this issue, and a host of other related topics.
Meanwhile, I started talking very loudly into my phone. I felt like a "Who" in Horton Hears a Who. (Yes, I saw the movie with my kids.)
As I walked across the Lansing Capitol grounds into the building, I was practically shouting. "We are here, we are here, we are here!" I felt frustrated and momentarily helpless. (I later found out that about ten others on the call felt the same way.)
What was strange about this teleconference was that some people could be heard but others could not. We have had situations where all the phones were muted, but never just a few - unless the end user had their phone muted.
Yes, we did find out what happened. Here the explanation:
"AT&T stated that the call monitor may have un-muted the calls, but logged off too quick for the calls to un-mute. The call monitor has control of the call, so people could not un-mute themselves at that point by hitting * 6 or any other command. He did find an option for the host to use if this happens again. From the day-start conference call line, the host can hit *7 and choose option 1 to un-mute everyone.
In the future , the Service Management center staff will have the call monitor stay on the website and make sure everyone is un-muted before logging off the website. We will also document the capability for the day-start host to use *7 and option 1 to un-mute callers."
In other words, there was a combination of operator error and technology training concerns. We have learned in the past that sometimes a seemingly simple function like unmuting phones can cause serious problems and misunderstandings amongst virtual attendees.
So what did I learn?
1) Teleconference operator training is important. All of those one-off 800 conference line functions that are available and seem unimportant are probably in there for a reason. You will likely use them some day, so you may want to double check the manual.
2) A few months back, we had a different problem, and in that case we added a step in our roll call process. The host confirms that attendees are heard by saying: "Thank you Dan" after the person says "I'm here."
3) Be careful what you say on a conference line about those who may appear to not have shown up. Perhaps they are listening and trying to get through.
4) I need to laugh at myself more in work situations sometimes. The events actually became pretty funny - when I took a step back and thought about what was actually happening.
Yes, we got things fixed and rescheduled the call for Monday. But if they can't hear me next time, I won't start shouting at my blackberry. Hopefully, I'll just smile.
Any funny teleconference stories to share?
December 5, 2009 By Dan Lohrmann
Are deeper budget cuts coming for struggling state and local governments? After a year filled with tough news regarding furlough days and more belt tightening, technology executives across the nation are pondering that question. Even as good news was announced yesterday regarding the unemployment rate falling to 10% in November, the holiday season remains focused on plans for 2010.
Stateline.org ran an article entitled: After furloughs, states mull permanent cuts. Here's an excerpt:
"Moving from furloughs of state employees to more permanent downsizing, states are girding for the deepest workforce cuts yet when they hammer out their fiscal 2011 budgets next year. In preparation, many are taking stock of every position in state government to determine what effect job cuts and the possible elimination of whole departments will have on revenues, expenses and the quality of government services."
The report goes on to list state by state cuts already implemented in 2009 (fiscal year 2010).
We all know that tax revenues lag economic recovery, so how long will the budget cutting last? Some are predicting that state revenues will be down for several more years, leading to significant changes ahead for government IT departments. Cutting corners will no longer do. We need to be transforming state technology workforces.
What is Michigan doing? One activity has been offsite scenario planning - based on various budget levels and assumptions. The February 2010 issue of Public CIO Magazine will have an article by me that describes this activity in detail.
So what are you doing in your state or local government regarding budget cuts and/or resource allocation? How are you setting technology priorities and determining core business functions and services in these tough times? I'd love to hear some stories that you can share.
November 30, 2009 By Dan Lohrmann
Technology directors around the nation were watching the weekend news very closely for events regarding online sales on Black Friday (the day after Thanksgiving). No, I'm not referring to economic activity or potential impact on our nation's economy. After the troubles experienced by Walmart and others in 2008, many stores offered more doorbuster deals online.
The initial news was mixed, but bad for some portals. Here are a few related stories:
Yes, it's been a rough weekend for some of the leading retail web portals, and public sector infrastructure professionals, as well as other technology staff, should pay close attention. This issue absolutely impacts everyone who uses the Internet, whether in the public or private sector.
Beyond up or down status and overall slowness for major websites, more serious issues surfaced for some. Here's a comment regarding Staples online portal (from the article above).
"AJ says:November 27, 2009 at 6:35 pm
I ordered one of the BF $399 HP laptop from their website this morning. I got through checkout, completed the transaction (the credit card was processed), got an order # showing the HP laptop, and 3.5 hours later I got an Email saying that my order was canceled because they were out of stock.
Thank you for choosing Staples. We apologize for the inconvenience but the following product you were trying to order is sold out.
832349 HP DV6-1334US LAPTOP
This was part of our Thanksgiving Holiday 2009 Early Bird Specials and is subject to the following conditions:
* While Supplies Last.
* Unable to Back Order, as this product will not be re-stocked.
* Unable to provide comparable product at special pricing."
This same exact problem happened to me at the Staples website on Friday morning when I was ordering a product.
Why is this so significant? Because they actually took orders during the "doorbuster" hours, and they were unable to fulfill those orders - despite taking credit cards and sending confirmation emails. Customers who called with questions faced a long wait at call center help lines.
In "geek speak," they were taking order via batch processing without the real-time processing of those orders based upon inventory. Customers assumed that the laptop deals were being processed and shipped, only to receive disappointing emails later in the afternoon. Clearly, their infrastructure or end-to-end process couldn't handle the load.
The lessons here are numerous. I am sure that web "experts" tested these portal sites and associated software many times prior to Black Friday, and yet they failed. These errors will cost retailers significant dollars as well as hurt customer trust.
The closest thing to Black Friday in the public sector may be tax day on April 15. When I was the senior technology executive for the initial www.Michigan.gov launch back in 2001, we faced huge surges in web usuage on tax day.
And now, retailors (and government networks) face Cyber Monday. I expect that "door buster" deals will continue to create problems for web portals, as long as deals are limited by time or number of available items. Public sector technology officials need to take note as they offer online services.
What are your thoughts on this topic? Any Black Friday stories to share?
November 25, 2009 By Dan Lohrmann
How do you give thanks at work?
One USA Today headline this morning read, "The spirit of the season: Be thankful, spend less."
I like these opening paragraphs:
"Sometime in the 1980s, when he was living on the street, the kid who later became the seminal rapper KRS-One stopped at the Bowery Mission for a sandwich. He doesn't recall what kind, only that it was served with respect.
On Thanksgiving Day, Lawrence Parker, now 44, plans to return to the mission, children and friends in tow, to cook, serve and rap for some of its guests. His message: 'This is where I started.'"
The article goes on to describe various themes surrounding the US recession at home and our country's wars abroad. Despite these trials, we head into the holiday season with hope. "Many Americans are refocusing by giving thanks for what they have, and by giving some of what they have to those with less."
As a technology executive, I can struggle to give thanks at work. Yes, I am grateful to God and my family for many things, including my career. I realize that I am truly blessed to be in a government job that I enjoy, but what are the best and most appropriate ways to express that to others? How can I genuinely impart my gratitude for all they do?
I sometimes fear that I am misunderstood when saying thank you. Are my actions seen as too public or too private, too personal or too impersonal? What if my comments seem self-serving? If I thank one person or group, might I neglect some other person or group that is more deserving? If I am too nice, will I be respected later?
I worry that my staff might think, "He's just saying that because he's the boss." Or, "He's just going through the motions because it's the holiday season." Hopefully, I am expressing thanks in sincere ways all year - but I'm sure I've neglected to appreciate how much others do to enable our organization's success.
Once I decide to "just say thank you," the method can even get in the way. Should I send an email? Communicate in private? Announce my thanks in public at a staff meeting? Send a card? Give a certificate? (Bonuses are out). Take someone to lunch?
Too often I get busy, and I end up doing nothing. Later, I regret my lack of thankfulness as I look back at projects and more.
So on this Thanksgiving Eve, what are technology professionals to do? Well, here's some relevant advice from President Theodore Roosevelt:
"Let us remember that, as much has been given us, much will be expected from us, and that true homage comes from the heart as well as from the lips, and shows itself in deeds."
What am I thankful for at work right now?
I am very thankful for our technology infrastructure staff that do such a great job day in and day out. I know I'm a phone call away from real help 7x24x365. In fact, I usually don't even need to call and problems get resolved by themselves.
I am thankful for no major incidents on the day start call this morning. And...
Last week, when we had six major incidents on a Monday, our staff fixed all of the problems very quickly.
I am thankful for my colleagues who do such professional work with a customer-focused attitude. We have a great group of hard-working pros in Michigan government.
I am also thankful for my customers, without whom I would not have a job. They always teach me something, if I'm prepared to pay enough attention and listen.
I am thankful for Government Technology Magazine and Public CIO Magazine who allow me to share this blog and my articles with you.
And last, but certainly not least, I want thank each of you for reading my blogs.
I hope you have a wonderful holiday with family and friends - wherever you go this Thanksgiving weekend.
Building effective virtual government requires new ideas, innovative thinking and hard work. From federal stimulus projects to enterprise architectures to cloud computing, Dan Lohrmann will discuss what's hot and what's not in the world of technology infrastructure.