June 14, 2009 By Dan Lohrmann
I was sitting in the back of the auditorium inside the Michigan State University's Kellogg Center in East Lansing. The event was the Michigan Broadband Summit, sponsored by the Library of Michigan and the American Library Association. The seats around me were full with a mix of government representatives, community stakeholders and librarians from around Michigan and surrounding states.
The first speaker started off with the question, "How many of you have enough bandwidth?" A few hands went up while a couple of others started chuckling.
The opportunities seem endless. New online applications, fixing the digital divide and even advances for electronic libraries like the Michigan Electronic Library (MEL). To get a good sense for the many issues and options available to Michigan and the nation regarding broadband connectivity and the stimulus dollars, I urge you to download and review the excellent powerpoint slides offered by John Windhausen Jr. from Telepoly Consulting.
Four of John's main points include:
1) Broadband has become an essential service.
2) Broadband demand is exploding.
3) Industry is investing less than what America needs (microeconomics trumping macroeconomics).
4) The US is falling behind our international competitors.
Through a series of examples including voice, education, energy and TV, he makes the point that broadband is not only "AN" essential service, but "THE" essential service to enable all the others in the future.
I encourage you to review the rest of Windhausen's material, but more important, don't forget the libraries and other government partners as you prepare a broadband strategy in your state, county, township or city. There are synergies that will build upon these relationships over time, and we can't afford to leave out important educational services that people depend upon. Citizens will expect high-speed connectivty at their local libraries, and most don't have enough bandwidth today.
Any thoughts on this library broadband topic?
June 7, 2009 By Dan Lohrmann
Are we truly at a significant crossroads in the protection of our Nation's critical infrastructure? More specifically, will the cross-sector cyber infrastructure issues now be addresed with a sense of urgency and be given the required resources to build-in the required 21st century security protections? Have the many state and local government computer infrastructure issues become a real priority? I'm now more optimistic.
What modified my opinion? We held our second annual Michigan Cyber Security Summit in Lansing this week, and I was honored and privileged to introduce and interview Harry D. Raduege, Jr., Lt. General, USAF (Ret) as part of an extended keynote session at the end of the day. Not only was I impressed with his words, I was motivated and encouraged by his unique perspective.
General Raduege's very impressive military career included several years as Director of the Defense Information Systems Agency (DISA). He is currently the Chairman of the Deloitte Center for Network Innovation, and he was recently the co-chair for the Center for Strategic and International Study's (CSIS's) Commission on Cybersecurity for the 44 th Presidency.
After his initial remarks, our conversation centered on the recently released results of the 60-day Cyberspace Policy Review which has received a huge amount of media attention. The General covered the background on these issues, the link between the Commission's findings and the Policy Review, and the near and mid-term actions to be taken.
Two of my questions included: "Why is this a crossroads? How is this situation different than before?"
General Raduege responded by describing with passion the billions of dollars we are losing to organized cyber crime. He articulated a strong business case, and he provided scary facts regarding illegal access to both private sector and government networks over the past few years. These were figures that I knew from press reports and from meetings with the Department of Homeland Security and other government agencies and states over the past seven years.
But the General's answers intrigued me the most when he described President Obama's passion for this issue at the recent release of the 60-day Cyberspace Policy Review at the White House. He sat a few feet away from the President during the event, and General Raduege told us that a new focus was evident. This inside perspective came from a decorated career cyber expert with a great reputation.
At a post-event reception, several colleagues commented that General Raduege's passion was contagious.
So I went home and took another look. Yes, I had already read the 60-day Cyberspace Review, but after the session, I reread most sections through a different lens. The Review's actual title is easy to overlook: "Assuring a Trusted and Resilient Information and Communications Infrastructure." I had previously skipped over the preface to get to the "beef," but think about these important words from the preface:
"... But with the broad reach of a loose and lightly regulated digital infrastructure, great risks threaten nations, private enterprises, and individual rights. The government has a responsibility to address these strategic vulnerabilities.
The architecture of the Nation's digital infrastructure, based largely upon the Internet, is not secure or resilient. Without major advances in the security of these systems or significant change in how they are constructed or operated, it is doubtful that the United States can protect itself from the growing threat of cybercrime and state-sponsored intrusions and operations...."
More than the detailed action steps, these words are powerful. If acted upon, they show a new commitment that will greatly impact state and local government in many infrastructure sectors. Many computer issues need to be addressed from broadband Internet access to health IT to protecting airlines.
(One side note, the Air France 447 story printed in the United Kingdon (UK) on Sunday demonstrates the critical importance of computer infrastructure to all aspects of transportation. Even though "foul play" may have no part in that plane accident, if this computer crash theory is true, the role of computers will be under a spotlight once again.)
The skeptics will likely say that all of the words in the new cyber plan are nice, but we need action. There is no doubt that I have heard and read much of this over the past few years, without significant change across the country at the state and local level. There is certainly much to do, and more dollars are needed.
Still, I am encouraged that this issue is now a top priority in DC. I am also more convinced that additional resources will be applied to this urgent set of infrastructure problems. Whether this will be seen as a "Berlin Wall falling" type of moment or a significant cyber crossroads will be determined by the actions we take going forward. I think the Bush Administration understood the importance of this issue very late in their term, but the momentum which began last year seems to be growing. This topic should continue to have bipartisan support going forward.
In conclusion, I urge you to reread the 60-day review as I did. But as you read, think of the resolve that our Nation had in the 18th and 19th centuries as we faced "threats foreign and domestic." General Raduege's words challenged me to think of our 21st century cyber threats as needing that same kind of united resolve and unity of purpose.
Yes, I knew most of the cyber attack facts and figures before, but now I am more inspired to believe that positive change is coming. Thank you General Raduege for your service and for coming to Lansing. You brought the "inside the beltway" words to life in Michigan.
What are your thoughts? Is this a cyber infrastructure crossroads?
May 24, 2009 By Dan Lohrmann
The nation's first all-digital election was deemed a success by Honolulu's city officials over the weekend. According to the Associated Press:
"Some 115,000 voters in Honolulu's neighborhood council election were able to pick winners entirely online or via telephone. The voting, which started May 6, ended Friday.
City officials say the experiment appears to have generated few problems; it has even saved the financially strapped city around $100,000."
Despite reports that describe the cost savings, ease of use and benefits to overseas and military voters, the same online election process cannot currently be used for city council or state elections in Hawaii because there is no paper record of votes.
The technology infrastructure and web voting process for the election was provided by Everyone Counts, a company that has managed online elections worldwide. The Everyone Counts website had this to say about the Honolulu Internet vote:
"The City and County of Honolulu are currently holding the United States' first all-digital election conducted entirely online and via telephone. Using Everyone Counts' trusted and secure voting solution, the City and County of Honolulu aims to decrease costs and increase voter participation in its 2009 Neighborhood Board Election through Everyone Counts' commitment to universal access. By offering an all-digital voting system, Everyone Counts provides previously disenfranchised voters, such as military and overseas voters, and voters with disabilities, access to a convenient, secure and reliably counted ballot. The voting period for the Neighborhood Board Election opened May 6 and will extend through May 22."
News video coverage of the vote was also available at KGMB9's website. The video contrasts the new process with more expensive vote by mail methods. The results are expected on Tuesday, May 24.
So is this the wave of the future? There are excellent arguments on both sides of this electronic voting debate. With an exploding amount of identity theft in America, it's hard to see this approach being used for the November 2010 elections across the USA. Nevertheless, this could be a first major step towards online voting.
In my opinion, the goal of increased participation by using the Internet, along with the potential for reduced costs, will drive governments to take a hard look at adopting new technology to make e-Voting a reality over the next few years. What's missing is the new infrastructure to ensure verified identities for all citizens online and the state government infrastructure to eliminate e-voting fraud. More on this in future blogs.
So what are your thoughts? Are we heading for electronic hanging chads? Is this a positive development in your opinion? More important, what new technology infrastructure is your government exploring in this area?
May 17, 2009 By Dan Lohrmann
There have been quite a few articles about insourcing over the past few months. As expected, this buzz has sparked another debate about our new President's plans to insource federal government jobs. The basic issue surrounds the simple question: should governments insource or outsource jobs - especially in technology?
According to 2010 budget documents, the White House plans to convert contractor positions into federal positions. Of course, insourcing is not new. The Bush Administration even did some insourcing and saved millions of dollars in some cases. One note: I am not addressing the practice of sending jobs offshore or overseas, just whether governments use the private sector or government staff to perform various functions.
A year ago, the Washington Post described some of the competiton for jobs between federal workers and the private sector performed under the Bush Adminstration. They were originally looking to outsource more jobs to the private sector. What did they find?
"Private contractors have grown increasingly reluctant to participate in the competitions, which federal employees have won 83 percent of the time."
At the same time, big savings were proclaimed through the competition program.
"... competitions completed thus far have generated projected savings of more than $7 billion."
Meanwhile, many state governments such as Virginia and Georgia have outsourced IT work to save money and for other reasons. Texas also outsourced a large part of their technology work to IBM, but their efforts hit a snag last year.
So which one is it? Does outsourcing or insourcing save money? The answer is that it depends. There is no simple answer to this question, in my opinion.
Many believe that cloud computing and new trends in virtualization will eventually lead to IT functions in government becoming an outsourced commodity for the majority over the next decade. However, I think this debate, which goes back many decades, will rage on for years to come with new stories emerging as evidence for either side.
But from a short-term, pragmatic perspective, how can insourcing jobs save you dollars right now during this economic downturn?
In Michigan, we started "contractor conversions" in our Department of Information Technology back in 2004. Looking to save money but maintain quality staff, we used a few basic parameters to decide what jobs/roles to bring back in-house. Here are a few of the guidelines we used that may help you sort through your decision matrix.
1) Ask: what contractors have been with you for a long periods of time (probably years) doing maintenance or other ongoing IT work? We found dozens of long-term contractors making much more than state staff, and we targeted those roles for contractor conversions. These conversions continue to save us millions of dollars a year today.
2) Ask: what skillsets do we need in-house over the long-term and which skills do we need to acquire from the private sector. Timing is important, so you need to regularly relook at your situation. For example, integrating an ERP system is a rare skill that perhaps should be contracted for via a competitive bid, while help desk skills were deemed to be best done by state staff.
3) Ask: what short-term staff augmentation efforts have gone on for too long? We found that contractors often offered us short-term flexibility to adjust our staff levels up and down in times of need, but contractors sometimes stayed longer than originally expected. We believe that a good mix of state staff and vendor staff is healthy, especially for projects where specific deliverables are spelled-out in fixed price contracts. In those cases, if the vendor has delivered a system to other states or governments, they bring in a wealth of unique experience for integration efforts.
Finally, I don't believe in a one-size-fits-all approach. Despite the perception that Michigan is an "insource state," we still outsource select services. We also maintain great relationships with our vendor partners - whom we value greatly. For example, our Michigan.gov portal is actually hosted by IBM in Boulder, Colorado. We also outsource specific applications such as credit card processing - where it makes business sense.
Bottom line, I believe that many state and local governments can save money now by looking at insourcing select IT jobs. When the proper management is in place, this "contractor conversion" approach has proven to be effective. In our experience, many individuals will happily join government service, especially in these tough times when staff are looking for job security and perhaps other benefits.
What are your thoughts? What criteria do you use to determine the right mix of contractor versus government technology staff?
May 6, 2009 By Dan Lohrmann
To buy or not to buy (more telework capacity) - that is the question during an epidemic. As the H1N1 flu situation evolved rapidly over the past two weeks, CIOs, CTOs, CISOs, and other government technology officials faced (and still face) a series of tough buying decisions in difficult budget times.
When the World Health Organization (WHO) raised their pandemic alert level from 4 to 5 (the second highest level), organizations were told to begin implementing their pandemic plans. No problem - right? A few years back, governments created pandemic plans in preparation for Asian bird flu, so these plans have not even had time to gather dust. In Michigan, we have an excellent plan which we are following. (My focus in this blog is only on the technology-related actions.)
Government Technology Magazine ran a nice background piece on this telework question last week. They brought up some great points about the overall capacity of Internet Service Providers (ISPs) access into homes during emergencies. They also pointed to success stories in states like Virginia. Still, I'm confident that many cash-strapped government organizations face difficult buying decisions at a time when we all need to do more with less.
Unlike most emergency situations, such as a fire or tornado hitting a building or data center, a pandemic could leave your infrastructure intact with your staff at home. Whether your employees are caring for family members, watching kids whose schools are closed or recovering from the flu themselves, staff may not be in the office.
So this question will quickly come up: How many people can work from home (connect securely to government networks) at the same time during a pandemic? Putting aside the business-related process questions around working with others, computer applications, etc, we faced the following dilemma:
1) Approximately 13,000 Michigan State employees (out of about 55,000) have laptops. The others who have computers use desktop models. Should we buy more laptops in bulk and make them available? At about $900-$1,000 each, one thousand laptops would cost almost a million dollars.
2) With available telecommunications equipment, we can handle about 4,500 simultaneous Virtual Private Network (VPN) connections. This infrastructure is more than triple our normal demand. Increasing capacity to handle an additional 15,000 or more VPN connections could be done by buying more telecom equipment.
3) Other facts - most employees can already use their home computers for non-sensitive data and connect to the Michigan network for their Microsoft Outlook or Novell Groupwise email needs. However, our policies only allow home computer use for access that does not contain personal data that could cause a data breach (ID theft) or cause a privacy violation.
In a nutshell, the decision looked like this: should we spend precious dollars now or wait for pandemic level 6 to arrive when equipment might not be available from vendors for weeks or months? We are facing budget cuts and even staff layoffs in Michigan, so there are never enough dollars.
True, this infrastructure may still be used in the future after the flu situation ends. However, stockpiling laptops is generally a bad idea, since the equipment can quickly become "the old model" that customers don't want. Does the situation call for emergency technology purchases now? I'll tell you what we decided in a later blog.
One final item, many governments organizations (like Michigan) are in the process of replacing desktops with laptops over time, but the transition is happening over several years. We are also looking at virtual desktops and other new technologies to help this situation (a good topic for a future blog). Finally, we do have a few hundred spare laptops for emergencies - but nowhere near enough for every need during a full pandemic outbreak if thousands of state employees stay home.
So what would you do in this situation? More important, what have you done?
Building effective virtual government requires new ideas, innovative thinking and hard work. From federal stimulus projects to enterprise architectures to cloud computing, Dan Lohrmann will discuss what's hot and what's not in the world of technology infrastructure.