On Brunson White’s first day at work, he looked around his offices in downtown Montgomery, Ala., and realized two things: Half of his computers would need to be replaced in a relatively short amount of time.

And so would half of his employees.

“I was a little shocked,” White said, laughing.

As Alabama’s first Chief Information Officer, White knew that the hardware had seen better days.

“Government tends to run technology down to the ground” White explained. “But I wasn’t fully aware of the staffing situation.”

Alabama’s Information Services Division has a high number of baby boomer staffers that plan to retire over the next eight years, White said. He estimates fifty percent of his office will be retiring in the next four or five years.

“My deputy was going to retire, and I had to convince her to stay on,” White explained. “She is one of the original people in this department, and losing her would’ve been a huge setback.”

It’s not just in Alabama. As Government Technology recently reported, the Baby Boomer IT exodus is causing significant staffing issues across the country. For example, Texas’ CIO Karen Robinson said that 45 percent of her office will be eligible to retire in the next 5 years.

According to a 2011 nationwide CIO survey conducted by NASCIO, between 21 percent and 30 percent of the total IT workforce in state governments will be eligible for retirement by 2016. And while some municipalities and governments are trying to find ways to develop, obtain and retain IT specialists, others like White are going a different way.

“I believe that if you outsource everything, or nothing, it’s a horrible mistake,” White said. “So we’re going to outsource a lot of this, while keeping essential roles filled by state workers.”

San Diego’ Success Offers Model for Others

White said he plans to have outside IT vendors manage software and database systems, while having his government staff focus on making sure the systems are easy to use and understandable to state workers.

Other municipalities and governments have found success outsourcing the entire operation. San Diego County, for example, has outsourced IT services since 1999.

“We did it for a lot of reasons,” explained San Diego County CIO Mikel Haas, “including the [retirement] problem. We feel IT doesn’t have to be a core competency for government.”

While the county has gone through several IT vendors during the past 15 years, Haas said the outsourcing has been largely successful (you can read a broader history of San Diego’s IT outsourcing history here). The current contract is solely with HP Enterprise Services. Haas explained that having one company dedicated to providing IT services is important to the county.

Like this story? If so, subscribe to Government Technology's daily newsletter.

“You want one throat to choke,” Haas said. “You don’t want to have three different companies all doing different [tasks] because they’ll just point fingers when something goes wrong.”

Haas also pointed to the de-politicization of the procurement process as a reason for success.

“Once we start the call for contracts, lobbying ceases,” Haas said. “The [county] board is very disciplined in that way. The decisions are based on the best value to the county.”

Securing a ‘Lot of Little Kingdoms’

According to the 2011 NASCIO survey, attracting and retaining IT personnel specialized in security is the greatest challenge facing state CIOs. Demand for these employees is high, after significant data breaches at Wal-Mart, Sony and Target have prompted the public to demand their personal information be securely held.

This presents an opportunity for IT service companies that can offer security with flexibility.

Both San Diego and the state of Alabama have federated service departments, meaning IT needs can vary dramatically between one division focusing on child welfare and another department focusing on water management.

Alabama's White described it as managing “a lot of little Kingdoms.”

Those varying needs mean private IT companies will have to be able to manage some systems that promote openness and transparency, while also protecting private information such as financial and medical records.

To help mitigate potential risks, San Diego County allows division and department heads to look outside of the contract with HP for specific IT services. Currently, the county has 70 IT service applications outside of HP.

“That’s a very attractive thing when you’re dealing with HIPAA and other confidential data,” said Haas. “We’re not locking everyone in to a ‘one size fits all’ situation.”

Haas also demands that HP provide the same security features to San Diego County as employed at Hewlett-Packard.

With public scrutiny of government software and interfaces high after the deeply flawed launch of the Healthcare.Gov website, White said it’s critical that new and existing IT vendors demonstrate they have strong security protocols.

“I also want to know they can find the right solution for the right situation,” White said. “If a company is flexible and can offer several different solutions, it’s going to go a long way in getting [Alabama’s] business."

John Sepulvado  |  Contributing Writer

John Sepulvado is from Southern California. He enjoys writing, reading and wants to take up fishing.