The White House gave the Census Bureau and the Small Business Administration the go-ahead to run pilot programs to improve the Trusted Internet Connections (TIC) program, which standardizes network security across the government.
“They’ve got ideas on how to connect up to and leverage commercial cloud that are not currently supported by the existing read of the reference architecture and TIC policy,” Jack Wilmer, the Executive Office of the President’s senior policy adviser on cybersecurity and IT modernization, said Monday at the GITEC 2018 Summit in Annapolis.
The goal of the pilots, Wilmer said, is to figure out how to update the TIC reference architecture and policy, since agencies have cited the TIC current requirements as a reason for not yet moving to the cloud.
“What we settled on, instead of trying to make a big TIC reference architecture rewrite, was to put a data call out to agencies and say ‘Is there anything that you believe that you should be able to do to connect to the commercial cloud? Submit to us your idea, and if we think it’s a reasonable idea that we can implement in a secure enough way, we’ll go ahead and do a pilot,'” Wilmer said. “‘And if then if that pilot proves successful over a period of time, we’ll go back and update the reference architecture to reflect that that’s now a new way of operating.'”
Census and SBA, Wilmer said, are working closely with the Homeland Security Department, the Office of Management and Budget, and the General Services Administration to make sure that the approaches they’re using comply with the TIC standards.
The pilots will also look at ways of rapidly depreciating connections to the commercial cloud.
“As the threats change, there may be models of connecting up to commercial cloud that seemed like a really good idea before, but then all of a sudden … something else has popped up that makes us say, ‘OK, we would rather have new connections that are established working in this way, instead of one of the other ways,'” Wilmer said.
Technology Modernization Fund key but not enough
Earlier this month, Joanne Collins Smee, the acting director of Technology Transformation Services at GSA, said she viewed the $100 million Congress appropriated for the Technology Modernization Fund as a “glass half full” scenario.
While the TMF remains a key aspect of the Modernizing Government Technology (MGT) Act, Wilmer said it is not the most essential tool in helping agencies overhaul their IT systems.
“I think most of you know that’s probably not enough money to modernize all federal government IT, but it’s also not supposed to,” he said. “They’ll help those agencies modernize, and then the intent is that over a period of time, the agencies will pay back that initial loan that may have covered concurrent operations or some of the other costs that they just didn’t have in their budgets. With the savings they’ve accrued, they’ll pay back those initial loans, and you can easily see how the fund will grow over time.”
Instead, Wilmer said he is more excited by the working capital funds from the MGT Act, which should give agencies the flexibility they need to focus their end-of-year funds on IT modernization projects.
“Instead of running into the scenario where you have one-year IT dollars, this actually allows you to create a working capital fund so that you can turn those single-year dollars into multi-year dollars, and avoid the problem where at the end of year, you have to look for whatever contracts you have, look for how much money you have left over, and try and allocate that funding across whatever contracts are most ready — not necessarily relating to what’s most important for your mission,” Wilmer said.