Frontis Wiggins said he sees the State Department’s “D-” on the Federal IT Acquisition Reform Act (FITARA) report card back in November as a great opportunity.
Wiggins, who has been State’s chief information officer since July, knows he has nowhere to go but up.
And one approach to not only improving State’s FITARA grade, but really transforming the way the agency manages and acquires IT is through a new concept called franchises.
“We got this idea for doing IT franchises from a colleague of mine, the CIO at the CIA, where they did something similar. You look at the CIO’s office as a franchise organization just like McDonalds does and you have downstream franchisees that then have an agreement that says they will abide by the following rules and regulations. Here is what we expect from the franchise headquarters as a franchisee and as a franchise here is what we will do,” Wiggins said during an interview on Ask the CIO. “We are pursuing that right now. We have a draft franchise agreement. We will pitch it to somebody as a test bed. It’s a way for us to get to FITARA in a different way as opposed to saying, ‘it’s a regulation and you have to follow it.’”
Wiggins said under the franchise idea, every IT office across State will have to follow certain standards. But these same offices will be able to tweak their implementations as needed based on where they are located.
“The idea is we are going to create a template and pilot it with a couple of early adopters and actually have them help us adjust the franchise arrangement,” he said. “We will start with the biggest groups first so we get the biggest bang for the buck, and then work our way to the smaller organizations. The idea is we will try to get collaboration on this so it works for both parties. The other idea, which also dovetails with FITARA, is with some of the corporate system owners they have chief technology officers or chief IT officers or other folks buried in other organizations. We want to set up a relationship between those embedded elements in those bureaus and the CIO’s office, and give them a title and perhaps a reporting structure that includes interaction with the CIO’s office.”
Along with the franchise idea, Wiggins said his office is working with mission, financial and acquisition partners to further implement FITARA.
“In just the last couple of weeks, we’ve identified a template for a new financial activity so we can get visibility into the IT spend, not just the IT central fund or the expedited passport fees that the CIO’s office normally would, but all the appropriate funds that are being used for IT acquisitions. The CFO is a big proponent of this,” he said. “I just had a discussion with our chief acquisition officer about coming up with a defined template for all the acquisitions that are out there.”
On the mission side, Wiggins’s office is taking an approach to educate why FITARA is important and what it can do for them.
“A lot of them are appreciative of it because some of these things have been happening in the shadows and they want to normalize it, it gets visibility and they get a blessing from somebody so it’s a great dialogue starter,” he said. “The fact that it’s a law, gets people’s attention and gives me the flexibility to have those discussions and then you can approach them with a carrot or a stick.”
Wiggins said he expects these efforts to educate and inform, and take advantage of the flexibility to implement FITARA pay off in the short term as he takes on several modernization initiatives.
A top priority for State technology is to move more to the cloud. Wiggins said previously State dipped their toes by moving individual applications or systems to the cloud, but it has not focused on moving enterprise technology to infrastructure-, platform- or software-as-a-service instances.
State already has more than 50 applications in the cloud.
“I want to get us pushed out to Office 365 in Azure,” he said. “I can put Word for 365 or SharePoint for 365 out there, but that corporate email, which tends to be not only our tool Du Jour, but also our knowledge management tool Du Jour. That’s the big lift. I want to get us to an enterprise cloud email solution. I can get the other productivity suite tools done pretty quickly. In fact, we are anticipating doing it this fiscal year. Email will be the last piece because it’s the hardest lift because we have a very specialized tool, State Messaging and Archive Retrieval Toolset (SMART), is built in Outlook and rides on Exchange infrastructure that we have at just about every post. So making that transition of the email platform will be very difficult.”
Wiggins said State needs to be sure the email system will run even if the link back to headquarters through the cloud goes down. He said because all traffic must go through a Trusted Internet Connection (TIC) that makes cloud email more complex than normal.
“If we want to collapse all of that into a sustainable environment, I have to make sure I have multiple routes to get to every location and if I have to backhaul that traffic, that is where the risk is,” he said.
Related to the cloud priority, Wiggins wants to give State employees “ubiquitous WiFi around the world.”
He said, “One of the ideas is to get away from wired workstations. I spend a lot of time and money doing cabling worldwide. When you have 280 or so locations, you go from CAT-5 to CAT-6 and now we have fiber. If we can get people to a tablet-based environment where they are a lot more mobile and in a secure environment, that is where we want to be.”
He added State has some WiFi pilots around the world, but is hopeful to expand them.
All of this would be supported by a more advanced two-factor authentication identity management system where State employees could use their smart identity cards get them to all internal and cloud systems and applications.
“We met the OMB mandate last December to get two-factor authentication to all non-privileged users and we are about 90 percent of the way for all of our privileged user accounts,” he said. “The idea is not just to get access to the enterprise system, which is what we’ve done, but have a series of identities on a single card that gets you to your cloud or mobile environment. Right now, we have different ways to do that authentication and I want to get us to a single authenticated enterprise solution that does all those different platforms.”