FRAMINGHAMm Mass. – The U.S. government has released a Digital Government Strategy
that urges agencies to convert their troves of data into accessible formats for the public.
It also calls for a remaking of the central online hub for government information, Data.gov, into a data and API catalog that pulls data from agency sites.
The initiative follows the release last month of Ottawa’s federal digital action plan.
Additionally, the Digital Government Strategy directs federal agency CIOs to optimize their public-facing data for a new crop of smartphones, tablets and other mobile devices. That includes setting a new default standard of open data and Web APIs for government information.
“Over the next 12 months, you will start to see an important shift across the federal government,” VanRoekel said. “Agencies will increasingly open up their valuable data to the public and set up developer pages to give external developers tools to build new services.”
The blueprint also calls for the formation of a new centralized advisory group to eliminate information silos between agencies and preside over the “shift to a shared-platform culture.” A recent report on the use of Web technology across the federal government found 150 distinct implementations of 42 separate systems to create and publish Web content, distributed through the use of some 250 hosting providers.
“We will do all of this while reworking the federal government’s own use of mobile — saving taxpayer dollars and providing better service by bringing consistency to the way we buy and build for an increasingly mobile workforce,” VanRoekel said.
Tony DeLaGrange, senior security consultant with Secure Ideas,said he was encouraged that the new plan acknowledges the unique security risks that come with an increasingly mobile workforce, which include threat vectors related to both the applications and data stored on the devices, as well as vulnerabilities in their connections — both cellular and Wi-Fi networks — and, of course, the wildcard challenges associated with end users.
“Users are a struggle,” he mused, advising both government agencies and enterprises to develop a mobile awareness initiative to educate their workforce about mobile security threats, including guidelines for appropriate data sharing and policies stipulating what sorts of applications can be installed on the devices.
“We need to make sure that we enforce the security settings on these devices in such a way that users can’t turn them off,” he said.
At the same time, DeLaGrange warned against the instinctive reaction common to security workers when bringing new devices or applications behind the firewall to disable potentially useful features in the name of protecting the network from as many vulnerabilities as possible. That approach, though noble in its motivation, too often puts the security team at odds with business groups and end users, who tend to view such restrictive security policies as running counter to their own productivity.
“This is where you need a balance [between] that risk and reward,” DeLaGrange said, counseling a closer collaboration between security and business units.
The White House plan notes the distinctive security challenges mobile devices introduce, including the ease with which they can be lost and the potentially unsecure network connections they often tap into.
“These problems are not new, as the introduction of laptops into the workforce led to security and data breaches as employees took their electronic devices mobile,” the White House strategy states. “However, the new class of smaller, lighter smartphones and media tablets has elevated exposure to this risk.”
In that spirit, the strategy directs the departments of defense and homeland security to work with the National Institute of Standards and Technology to develop a baseline security framework for mobile computing in government over the next 12 months. In the interim, the directive contains “milestone actions” for NIST, the Federal CIO Council and other entities to advance the secure implementation of mobile technology across the government.
The White House plan builds on previous initiatives the administration has put in motion to modernize federal IT and open government data both to the general public and the developer community, including Data.gov, but also comes with an acknowledgement that the government has considerable work ahead of it.
“For far too long, the American people have been forced to navigate a labyrinth of information across different government programs in order to find the services they need,” President Obama wrote in a government-wide memo announcing the strategy. “In addition, at a time when Americans increasingly pay bills and buy tickets on mobile devices, government services often are not optimized for smartphones or tablets, assuming the services are even available online.”