Q&A: GSA's CIO Coleman Talks IT Modernization

The General Services Administration provides real estate management and centralized acquisition of products and services, including IT services, to other federal agencies. GSA's Office of the CIO, which provides IT infrastructure and support to the agency itself, is managed by CIO Casey Coleman.

As co-chair of the federal CIO Council's Best Practices Committee, Coleman has been involved in the early stages of the U.S. government's cloud computing strategy. Coleman writes a blog, Around The Corner, and she posts regularly on Twitter. In September, she was named to InformationWeek's Government CIO 50.

GSA's proposed IT budget for FY 2011 is $639 million, a 0.8% increase over the current fiscal year. In this interview with InformationWeek's John Foley, Coleman discusses how she plans to find money for innovative technologies with a flat budget, cloud computing, the potential use of consumer technologies in government, and what's on top of her IT project list.

InformationWeek: What are your priorities these days?

Coleman: Our priorities can be summed up in two words: IT modernization. That's a big initiative that covers a lot of specific projects. It's being driven by the idea that we at GSA, as a service provider to the federal government, should be a stellar example of the services available that other agencies can utilize from us, be the best example of 'eating our own dog food.' We have a plan that covers a number of different infrastructure and application-usability issues under the fabric of IT modernization. The goal is to provide our employees and other stakeholders with the tools and capabilities they need to do their 21st century mission.

A couple of projects that are already underway or about to queue up include an agency-wide voice over IP rollout. We have about 10% of our users on VOIP phones and the rest using traditional dial tone service. By moving everyone to VOIP, you take advantage of new capabilities like unified communications, the ability to converge voice and data networks, and we anticipate saving a fair amount of money, perhaps as much as 50% of the $18 million that we now spend on local voice service every year.

Another initiative that is about to get underway is single sign on, or identity credential and access management. What this means is taking the OMB mandate for two-factor authentication--in our case that will be our smart cards, our access badges that are HSPD-12 compliant, plus the PIN, the identity number that goes with that--and using those two factors to get access all of our systems, both physical and logical access, so access into the buildings, onto the network, to the applications and the roles that they're granted. It's not just access, but roles management. That has the dual benefit of improving usability, because users no longer have to remember a dozen or more passwords, but also end user productivity and security. With this system in place, when an employee departs, we can immediately de-provision them and know that they've been removed from all the systems to which they had access, at once. We will know which roles they have access to so that we do not inadvertently grant someone the right to have conflicting or inappropriate roles in different systems that previously would have been authenticated separately.

Other initiatives we're looking at include things like potentially implementing an enterprise-wide business intelligence system. Right now we have business intelligence solutions, but they're in pockets across the agency. There's potentially a lot of value in having an enterprise view of all of our business operations and have dashboards for executives and others. Those kinds of forward leaning initiatives are things we're looking at. Longer term, we're interested in things emerging from the consumer market, like netbooks, smartphones, and mobility applications. We're looking at those kinds of capabilities to see how we take advantage of them in a way that's compliant and secure.

InformationWeek: Federal CIO Vivek Kundra talks about how the consumer market has had an advantage over government users in that respect. Do you get the sense that GSA employees and government employees in general really want these consumer technologies at work?

Coleman: It depends. I believe there's an unquestioned productivity benefit to some of these capabilities. If you have a phone that has voice-activated directions and you're going to a meeting in another building or area of town, it's a helpful tool to have. There are business capabilities that we can tap into. But I'm not sure everyone feels the need. There's no doubt a comfort level with existing tools and processes, but our mission is not static, our workforce is not static, and our technology has to evolve with evolving workforce and mission demands.

InformationWeek: Let's talk about the proposed fiscal 2011 budget. GSA's anticipated budget is essentially flat. Where might there be increased levels of IT investment at GSA and where cuts?

Coleman: As part of our IT modernization and strategic planning process, we're looking at the amount of portfolio investment dollars that go to 'steady state,' or operations and maintenance, versus new and innovative investment, which we refer to as development, modernization, and enhancement. Currently we spend about 83% of our IT budget across the agency on steady state operations and maintenance. We think that's high. We don’t see that we're going to get a lot of new investment dollars for innovative capabilities; rather, we need to invest selectively in initiatives that will free up money from legacy systems to reinvest in new stuff. I said we spend $18 million a year on local phone service for agency employees; by going to VOIP, if we can cut that in half, and we think that's a reasonable assumption, you would have money you can turn back into a subsequent initiative for modernization.

InformationWeek: That's how it's done in the private sector, as you know. Squeeze money from operations and put it into innovation.

Coleman: That's our goal. Over the next three years, we seek to move that balance from 83/17 to 60/40. That's aggressive, a stretch goal, but we think it's appropriate to push ourselves.

InformationWeek: There's an emphasis in the FY 2011 IT budget on centralized provision of IT services. That's what GSA does. Do you see that emphasis having an effect on GSA's role and the services you provide?

Coleman: It certainly plays to GSA's strength and to our competencies and our built-in authorities as the general service provider. We do a lot already including the Networx contract--that's the world's largest telecoms contract--which is a centralized resource for all federal agencies, the e-Travel program, which are the three travel service providers that all agencies are to be using, and HSPD-12 cards on a subscription basis so that each agency need not enter into its own access card contract. We do a lot of these things already and I'm sure that will grow over time, but no specific announcements at this time.

InformationWeek: One area where GSA has been involved in centralized provision of services is cloud computing. I understand there have been some changes in responsibility at GSA. What's changed?

Coleman: When the Obama administration announced cloud computing as a priority, we volunteered to take a lead role because it's well aligned with what we do as a centralized service provider. I've taken a role in chairing the CIO Council executive group that's creating the strategy and coming up with the roadmap. Since then, the GSA Office of Citizen Services, headed by Dr. Dave McClure, has really come up to speed. He's taking over a key element of the cloud initiative, so the Citizen Service group will be managing the program office and the pilot activities and the program budgeting for this year and beyond. I will continue to chair the CIO Council leadership team, that is the governance body of the CIO Council responsible for cloud computing.

Apps.gov is a joint effort of several offices at GSA. It's built on the GSA Advantage platform, our e-commerce site; it's the place to go for purchasing services and commodities off the GSA schedules. Apps.gov is a storefront, a new look and feel, built on that underlying platform. That's managed by the Federal Acquisitions Service. The requirements for it were developed by our cloud program team, under the counsel of federal CIO Vivek Kundra.

InformationWeek: What is it that Dave McClure will be involved in that he wasn't before?

Coleman: There is e-gov funding that has been set aside for cloud computing. That budget for cloud computing is going to go toward pilot activities and toward managing the program activities—budget, schedule, deployment issues. Dave's responsible for all of those various work streams. So he has the operational, programmatic, and budgeting side, and my responsibilities are more with the CIO Council and looking at it from a strategic and governance point of view.

InformationWeek: You've been involved in cloud computing since day one. What's your view on cloud services in the federal government—are you bullish or skeptical?

Coleman: I'm bullish, but I don't think cloud computing is the silver bullet to solve all of our IT challenges. It's real. If you look at the way IT operations are conducted, every time there is a new application, a new infrastructure has been created. So you have within one data center, let's say 20 different applications, each of which has its own architecture and is only running at maybe 10% to 20% capacity except for those few moments where demand spikes. You plan for the most demand you need for each system separately, and as a consequence you have huge energy consumption and cooling bills for data centers, which are only growing. Cloud computing offers a way to tap into the same resources for multiple tenants and applications and share the peaks and valleys in demand, so you have much better utilization of resources. It's a greener solution, it's more cost effective, you turn capital investment into operational expenses. You can use what you need, pay for what you consume, and when you no longer need it, you no longer pay for it. There's a huge business and mission value proposition for cloud computing, not only because of cost issues but because of the agility issues.

InformationWeek: Federal CIO Kundra has taken notice that the number of federal data centers has doubled over the past 10 years and some agencies are consolidating data centers. Is that something that's happening at GSA?

Coleman: We'll definitely be looking at our data centers to see if there's a business case for consolidation and, if so, how we do that. Like other agencies, we have multiple data centers, probably with some rationale, but that's not to say that as technology has evolved we can't take advantage of that and do some consolidation.

InformationWeek: But at this point, you don't have specific plans to reduce from X number of data centers to Y number?

Coleman: That's correct.

InformationWeek: In what way is your team involved in the Obama administration's open government initiative?

Coleman: With the Citizen Services Office, we're supporting the open government dialog that is mandated in the Open Government Directive. Each agency has been mandated to stand up a dialog capability for the public to comment on their open government plans and data. We, with Citizen Services, are standing up IdeaScale, a collaboration and dialog tool, and 23 out of the 24 cabinet agencies are or will be using it. It makes sense. It's a capability that's time bound, it's not indefinite in nature, and it makes more sense for us to do this in a shared fashion than for each organization do its own. My office is working to make sure that it's a secure solution for the public to use.

InformationWeek: The federal IT Dashboard was new last year, and it has forced some agencies to adopt new tools and processes to get that information and make it available. Have you had to do that?

Coleman: We've been working on IT project and program management for years now: training and certifying our employees on project management, making sure that we had software development lifecycle processes standardized and that we were using tools like Rational to capture the work that we're doing and to give some rigor to our software and application development. Because of all that, we were not behind the curve when the IT Dashboard came out. We were in a pretty good place to report and feel good about the work that we're doing in each of our projects. Each has its own risk and budget issues, but if you look at our dashboard scores, they're all green or yellow. At this point, we don't have any reds.

Download the first issue of InformationWeek Government, with our cover story on government transparency. Get it here. (Registration required.)