Regaining public trust a top tech challenge for agencies in 2014

Monday - 1/6/2014, 10:43am EST

Alan Shark on the Federal Drive.

Download mp3

The botched rollout of HealthCare.gov in 2013 means agencies must work harder than ever as they face continued tech challenges in 2014.

Alan Shark, executive director and CEO of the Public Technology Institute, said the top challenges will be regaining public trust and ensuring security.

Politics aside, HealthCare.gov's technological issues created an "erosion of trust" in the government, Shark said on the Federal Drive with Tom Temin and Emily Kopp.

"There may be some glitches because of its unbelievable reach in terms of things it has to do," he said. "We shouldn't be building things that are too big to fail."

Shark said the lack of testing, both before and during the rollout of the website, contributed to its high failure rate.

In contrast to HealthCare.gov, Gmail was in beta testing for five years, even as millions of Americans were using Gmail as their primary email address.

"Lessons learned, it should start slow, build up. Don't accept something to happen like legislation — technology is different," he said. "Therefore, there needs to be beta testing ... before launch. And even when you do launch it, you need to have those real life experiences."

In regaining public trust, the government must also focus on security.

"How do we ensure people, especially with all that we're hearing about NSA, that working with government in online communications is, indeed, safe and secure?" Shark said.

As mandated by the E-Government Act of 2002, all websites must have specific base components, including privacy statements.

But such privacy statements are often buried in legal jargon and multipage documents.

"I think we really need to have a common sense approach that just says, 'This is what happens to your information' and really have some kind of a backup system that ensures the public ... that what they say regarding policy is actually followed," Shark said.

Websites often embed cookies to track information about an Internet user. Shark said people overall seem to be OK with cookies, as long as they understand how long their information will be kept and in what capacity it will be used. They also have the option to opt out of cookies.

One of the bigger security concerns arising today is "Bring Your Own Device." With BYOD, employees use their personal mobile phones to also access work data and information.

"There are an awful lot of employees that would prefer to have one device, and not two," Shark said.

Some tech experts have expressed concern that allowing sensitive information onto an employee's personal device increases the security risk. But Shark disagrees.

"To me, some of these new applications and solutions are probably about the same security risk as having a laptop. And in many cases, safer. Because the data is not residing on the equipment. So, as long as you have broadband, you have your office," he said.

Shark still said that using your own mobile device is not risk free, and it's wise to have your own mobile hotspot or VPN, rather than connecting to a public WiFi network.

RELATED STORIES:

Health website's security prompts worries

BYOD part of new 'digital ecosytem'