David Bray will join Federal News Radio on Aug. 26 at 2 p.m. for an Ask the CIO free online chat. Register for this chat today.
The Federal Communications Commission is slowly getting out of running its own technology infrastructure.
The FCC is in the midst of several initiatives to change the way it delivers technology services and IT devices. And all of these efforts, over the long term, will create a modern, secure infrastructure using equipment, applications and systems that focus on mission success.
David Bray, the FCC chief information officer, has been creating the team, the processes and the culture to bring these major changes to the commission during his first two years on the job.
Bray said now he feels like the pieces are in place to take major steps forward to make the FCC a leading-edge IT organization.
“My goal is to get the FCC out of the business of having to maintain its own infrastructure,” Bray said. “I think that then extends to having to maintain its own desktops and things like that. That can be done with much better scale by much larger organizations than the FCC.”
In many ways, Bray is taking the FCC down the much traveled path of SEAT management — a popular concept in the 2000s under contracts such as the Navy-Marine Corps Intranet or the Outsourcing Desktop Initiative-NASA (ODIN).
But Bray said he believes times and technology have changed dramatically as compared to those previous — and mostly unsuccessful — efforts.
The FCC has been putting the pieces in place starting with a virtual desktop infrastructure (VDI) capability.
Bray said the FCC has VDI rolled out across most of the agency.
“That allows us to have a single desktop image and, as a result, we can push out the latest version of the browsers, FireFox, Chrome and Internet Explorer. That’s helped us a lot in terms of allowing to be more focused on other things like application development and things like that as opposed to having to individually update each of the different desktops we used to have,” he said. “There are some cases where VDI doesn’t fit everything. If you do a lot of processing intensive calculations or very graphic intensive, you still need to have a standalone computer. But that’s now a much, much smaller subset then what we used to have.”
The move to VDI also will open the door for the FCC to move to desktop-as-a-service when it moves its infrastructure to the public cloud starting in 2016.
“I want to go to a model that’s like Starbucks. The local area network that you actually plug into, we will take care of,” he said. “But the WiFi in the building is much more like Starbucks. You go to Starbucks, you hope the WiFi is secure and you hope you are doing a good job on your machine to secure it too, but in general everyone is using it too. Similarly in the workplace, we do have a WiFi, it’s public WiFi because we have commission meetings at the FCC. The public WiFi, if you do decide to use your FCC device, you are using a secure tunnel, whether it’s through VDI or some other sort of secure tunnel app, to hit the FCC. So in some respects VDI is not just about us trying to have us focus on things beyond just keeping hardware and software up-to-date, which is getting increasingly hard to keep everything up-to-date just because of the rate in which everything is changing, but it also allows us to do secure tunnels for the FCC infrastructure if you do bring your own device to work.”
This also means VDI opens the door for bring-your-own-device (BYOD).
Bray said the FCC is in the beta stage, which lets employees bring in their own device and connect to the network through the VDI secure tunnel or through software from Good Technology to log-on to their email.
“We also are just wrapping up a roll out of Office 365. It is on their public cloud, and per our colleagues at Microsoft, they said it’s actually been twice the speed they’ve ever done a roll out, partly because we wanted to get it done this summer,’ he said. “That also then allows you to use it not just in the workplace, but if you want to it at home through the Web browser interface or whatever the case might be, it’s the same account wherever you go.”
Most of FCC’s infrastructure will be in commercial cloud
All of these projects are leading the FCC toward putting most of its infrastructure in a commercial cloud.
Bray said for fiscal 2016, the FCC will move its legacy licensing applications to one or two cloud platforms, specifically the business logic and processes to a software- or platform-as-a-service offering.
“This is consistent to what we’ve already done with Office 365, which is our goal, probably in two years if I wanted to be ambitious, if I wanted to give us a grace period it would be three years, we are 100 percent public cloud,” he said. “I recognize this may not fit for every organization. The FCC is only 1,750 people and probably another 500 contractors and so at that size, it doesn’t make sense for me to try to stand up a private cloud or try to do something at a scale that I really can’t do at 2,250 people.”
Bray said the FCC’s tracking systems also are prime candidates to move to the public cloud. He said the commission has been reducing the number of redundant systems so now there are 102 tracking applications, down from 207 about 18 months ago.
“I’d like to be able to say a year-and-a-half or two from now that we are down to only 50 or 40 systems,” he said. “The ultimatel goal, just to give you some context, 200 servers still remaining at the FCC, over 390 software applications running on those servers and the average age of 10 years. So that’s 200 x 390 x 10 and you get to about 790,000 units of what I call entropy. That is not scalable for the world we are going in to. So what I want to get to is having one common way of logging into public cloud systems using your HSPD-12 badge as a second form of authentication in addition to username and password, at most eight different platforms, so obviously Office 365 is one we’ve already done. We’ve looked at Zendesk for our consumer helpdesk. There will probably be another five or six so that would get it to eight. I’m counting that those public cloud providers will keep their software up-to-date because they obviously have many more customers than we do and will keep their cybersecurity up-to-date too. So that’s eight units of entropy instead of almost 800,000. What that shows is we are trying to simplify and defragment the complexity that basically grew up over the last 20 years.”