April 2017 Digital Edition
March 2017 Digital Edition
Feb. 2017 Digital Edition
January 2017 Digital Edition
Nov/Dec 2016 Digital Edition
Oct 2016 Digital Edition
Public sector IT trends for 2013 and beyond
Steve Barone (left)
By Steve Barone and Steve Pace
With the second half of 2012 consumed with presidential politics, this feels like an appropriate time to take a look at some of the emerging IT trends -- and subsequent security challenges -- faced by a public sector that is frequently forced to wrestle with a very different set of logistical and security concerns than the private sector.
Examining these “Big Picture” trends, and outlining some of the basic best practices associated with streamlined and secure implementation of new technologies, helps to paint a picture of a public sector IT landscape that will evolve rapidly during the coming year.
Going virtual -- Across various departments of the federal government today, we are continuing to see the deployment of virtualization within data centers. While data center virtualization is becoming fairly popular and might be characterized as “mainstream” at this point, desktop virtualization has not been adopted as readily or rapidly. While there is abundant interest in desktop virtualization strategies, the concept is still being studied. As a result of the continued growth of data center virtualization, and in anticipation of what will likely be accelerating desktop virtualization going forward, securing the virtualized environment will likely become a predominant public sector IT trend heading into the New Year.
The emergence of “as a service” -- Ongoing expense and budget constraints are a much-publicized and all-too-common public sector limitation. Because some government agencies may attempt to work around those limitations by utilizing operations and maintenance funding instead of up-front capital expenditures, we are likely to see more “as-a-service” offerings in the near future. From software to infrastructure, storage and other platforms, the ability to pay a monthly service or access fee instead of having to make more significant up-front purchases or investments makes this an appealing model for government entities.
Forecast: Cloudy -- Along with the emergence of as-a-service platforms, public sector IT will continue to move to the Cloud. The Obama administration has already urged federal government agencies to move in this direction, setting a goal of moving three applications to a virtual Cloud.
Taken together, these public sector IT trends -- virtualization, as-a-service platforms and Cloud-based computing -- present a range of advantages with regard to flexibility, adaptability, accessibility and functionality. There are, however, corresponding new concerns regarding security and vulnerabilities. As a result, adhering to best practices while implementing and operating in these virtual environments is critical:
Evaluate carefully -- It is vital that as-a-service vendors are experienced and conversant with public sector security protocols. Public sector decision-makers need to ensure that the provider is delivering the kind of security that is not only robust, but also fits the operational and security profile of their department. Essentially, as-a-service platforms are a kind of outsourcing, and finding a way to integrate this new model in a way that provides maximum security, and is least disruptive to existing operations, will be key.
Balance need versus risk -- The success of virtualization has become, in a sense, its own enemy -- with the popularity and ease of implementation, it has become relatively easy to create new virtual servers. Each and every time that happens, however, significant security concerns are presented. There are still a large number of public sector data centers that are mandated to be consolidated, and server virtualization will be a big piece of that solution. Balancing need versus risk in the equation must be an important factor in determining if, when and how a virtual server should be created.
Consider access points -- The biggest point of vulnerability is typically not the virtual server itself, it is the piece at the other end of the virtual connection, the end-user, that opens up additional security issues. And it is not just the integration of virtual desktops, but expanding that out for a wide variety of mobile users across a number of different platforms. Tablets and smartphones have their own inherent operational and technological security concerns as well, which complicates the issue and opens up a whole new can of virtual worms.
Budget wisely, but don’t cut corners -- Public sector entities will almost always face funding challenges and limitations. Despite those realities, it is important to remember not to sacrifice security or take technical or security shortcuts to save a buck. This is especially important because public sector IT security must take into account the fact that each individual device used by a public sector employee must have appropriate security on it, such that if it is lost or stolen, no one can use the device to access the network, access sensitive data or cause additional harm. Card readers and other authentication devices associated with government work makes the financial IT security investment even more significant.
Remember that security is Job 1A -- One of the biggest issues facing public sector IT as the move to virtualization picks up steam is the fact that there are unavoidable complexities and extreme security concerns unique to government work. These unique security issues, which can even have potential national security implications, have necessitated the creation of virtual private Clouds, where everything is behind a firewall and nothing is exposed. While these complexities and heightened security concerns can exist within a single government agency, additional problems can arise when considering how to flow critical data across agencies -- a not infrequent necessity in the public sector. A viral epidemic or a biological threat would require intense coordination between both the CDC and Homeland Security, for example. Balancing access and protection is a significant challenge, and designing virtual systems that are both secure and sharable is going to be important going forward.
Steve Barone is president and CEO of Creative Breakthroughs, Inc. (CBI). He can be reached at:
Steve Pace is CBI’s public sector practice director. He can be reached at: