Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Future of Government Data Centers
- The Future of IT: How CIOs Can Enable the Service-Oriented Enterprise
- Government Perspectives on Mobility and the Cloud
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Mitigating Insider Threats in Virtual & Cloud Environments
- Modern Mission Critical Series
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Reimagining the Next Generation of Government
- Satellite Communications: Acquiring SATCOM in Tight Times
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Value of Health IT
- Air Traffic Management Transformation Report
- Cloud First Report
- General Dynamics IT Enterprise Center
- Gov Cloud Minute
- Government in Technology Series
- Homeland Security Cybersecurity Market Report
- National Cybersecurity Awareness Month
- Technology Insights
- The Cyber Security Report
- The Next Generation Cyber Security Experts
Shows & Panels
FedRAMP, Data.gov revamp just part of GSA office's caseload
Tuesday - 3/6/2012, 5:38pm EST
But even with fewer than 100 employees, the office, which officials likened to an idea-generator for the government, carries out an extensive array of programs dealing with technology and customer service.
Last year, the office released its annual report — its first — which featured progress updates on everything from GSA's online app marketplace to its mobile initiatives.
Dave McClure, the associate administrator in the OCSIT, and Kathy Conrad, the principal deputy associate administrator joined In Depth with Francis Rose to discuss the work the office does and the progress on cloud-computing security standards in particular.
Dave McClure and Kathy Conrad in the Federal News Radio studio.
McClure said the need for accountability and transparency — as well as a desire to show return on investment — helped drive the release of the first annual report.
"The feedback has been:' I didn't your office did all these things,'" McClure said. "So, in many ways it really educates both inside and outside of government what this office really does."
Data.gov aims for 'vibrant' sets
Given its governmentwide focus, office is particularly interested in initiatives that impact across agencies. Conrad cited the launch of BusinessUSA.gov, an online portal developed with the Commerce Department and Small Business Administration and designed to be a "one-stop shop" for businesses to navigate the federal sphere.
Conrad also touted Data.gov "communities" — federal datasets organized by topic, such as education or energy, which she likened to a "treasury trove" of federal data.
"You have the mechanism to not only make data available, but then give people a mechanism to find impact from it," Conrad said. "So, we're seeing that community concept really taking off in a broad sense because it's a way to bring together both the people who have the data with those who could use it."
McClure said that fits with the agency's goal of shifting from thinking of Data.gov as a simple repository of information to a "vibrant, active set of information and data that customers can come in — whether it's an organization, a citizen, a business, academics, software developers — and actually mine it very fast."
Agency taking its time on FedRAMP
Also high on the list of the agency's accomplishments is the Federal Risk and Authorization Management Program, or FedRAMP, the effort to create a governmentwide process for securing and cloud-computing solutions.
McClure said the office has been working on the guidelines for about two years. It took a while, he acknowledged to develop consensus for the security standards and a baseline set of controls from all government stakeholders — civilian, defense and intelligence.
"It took us, probably, longer than we wanted, but rather than rush, you better get it right," McClure said, "so we have taken some extra time to do that."
The last six months has been consumed with creating the actual infrastructure to eventually run FedRAMP as a program, McClure said. And that slow launch will continue over the next couple of years.
Between now and fiscal-year 2014, GSA will "gradually roll FedRAMP out," McClure said. "It's not a turn the spigot on, let the water flow freely (process)."
GSA plans to release its first list of third-party assessors that have been accredited by FedRAMP in April, Conrad added. Following that, GSA will make awards for governmentwide email solutions.
By the second quarter of 2013, GSA will open up the process to more "prioritized solutions that have governmentwide impact," McClure said. By 2014, GSA aims for FedRAMP to be a "fully operational, sustainable set of activities"
But there's still a long process ahead and GSA "won't get there overnight," McClure added. "We're going to take our time in getting there."