Information Technology Trends in the U.S. Federal Government Barry West, CIO Pension Benefit Guaranty Corporation February 27, 2014 1 The “Cloud First” Trend Federal CIO’s Rationale behind “Cloud First” 2 TOPICS FOR DISCUSSION QUESTIONS I HOPE TO ANSWER What is the mission and purpose of the Pension Benefit Guaranty Corporation (PBGC)? How are current trends affecting records management, document management and enterprise content management? How can industry help government as CIO’s transform their organizations leveraging today’s technologies? How are CIO’s leveraging multiple technology trends over a government landscape that has included a sequestration, shutdown and continuous budget cuts? What is the importance of cyber security and how is it affecting every aspect of our business in both the public and private sectors? How must a CIO balance integrating current technology with meeting the needs of the business units? What the difference is between managed services and cloud computing? What are the top technology trends over the next 3 years for every CIO in the public and private sectors How cyber security will continue to grow and be embraced by not only IT but every part of the business? How industry can help with innovation and what the future holds? 3 SLIDE PRESENTATION AGENDA PBGC CURRENT TRENDS TRANSFORMATION DRIVERS DIGITAL SERVICES LAYERS → INFORMATION LAYER → PLATFORM LAYER → PRESENTATION LAYER PBGC’S APPROACH → PBGC’S IT STRATEGIC DIRECTION → ALIGNMENT TO PBGC GOALS CLOUD COMPUTING → CLOUD COMPUTING MODELS → CLOUD COMPUTING SERVICES PBGC’S CLOUD FOOTPRINT PBGC’S CUSTOMER OUTREACH ADMINISTRATOR SELF SERVICES PARTICIPANT SELF SERVICES 4 PBGC What is the Pension Benefit Guaranty Corporation (PBGC) Federal Government Corporation Established under Title IV of the Employee Retirement Income Security Act of 1974 (ERISA) Governance: → Headed by a Director who is appointed by the President and confirmed by the Senate. → Board of Directors: Secretaries of Labor, Commerce, and Treasury, with Secretary of Labor as Chair → Aided by a seven-member Advisory Committee appointed by the President of the United States to represent the interests of labor, employers, and the general public. → Advisory Committee, including advising on policies and procedures for PBGC's investments, the trusteeship of terminated plans, and on other matters as determined by PBGC Mission is to encourage the continuation and maintenance of private-sector defined benefit pension plans, provide timely and uninterrupted payment of pension benefits, and keep the insurance premiums at a minimum 5 PBGC What is the PBGC’s Purpose Mission is to encourage the continuation and maintenance of private-sector defined benefit pension plans, provide timely and uninterrupted payment of pension benefits, and keep the insurance premiums at a minimum Protects pensions of 43 million workers and retirees in 24,000+ private-sector defined benefit pension plans Defined benefit plans provide a specified monthly benefit at retirement, often based on a combination of salary and years of service Receives no funds from general tax revenues. Self-funded: (FY 2013) → collected over $3 billion in premiums → $85 billion in investments under management (funds from pension plans PBGC takes over) → $2.6 billion in investment earnings → paid 850,000 participants nearly $5.5 billion in pension benefits → paid out $89 million to benefit another 50,000 participants in multiemployer pension plans → received a 90 rating from The American Customer Satisfaction Index, of 80+ is excellent 6 CURRENT TRENDS DIGITAL GOVERNMENT: BUILDING A 21ST CENTURY PLATFORM TO BETTER SERVE THE AMERICAN PEOPLE (MAY 23, 2012) Administration’s Strategy Objectives Enable the American people and an increasingly mobile workforce to access high-quality digital government information and services anywhere, anytime, on any device Ensure that as the government adjusts to this new digital world, we seize the opportunity to procure and manage devices, applications, and data in smart, secure and affordable ways Unlock the power of government data to spur innovation across our Nation and improve the quality of services for the American people * Source: DIGITAL GOVERNMENT: BUILDING A 21ST CENTURY PLATFORM TO BETTER SERVE THE AMERICAN PEOPLE (MAY 23, 2012) 7 TRANSFORMATION DRIVERS Administration’s Four Overarching Principles Information Centric → Make Open Data, Content, and Web APIs the New Default → Make Existing High-Value Data and Content Available through Web APIs Shared-First → Establish a Digital Services Innovation Center and Advisory Group → Establish Intra-Agency Governance to Improve Delivery of Digital Services → Shift to an Enterprise-Wide Asset Management and Procurement Model Customer Centric Information Centric → Deliver Better Services Using Modern Tools and Techniques → Improve Priority Customer-Facing services for Mobile Use → Measure Performance and Customer Satisfactions to Improves Service Delivery Security and Privacy → Promote the Safe and Secure Adoption of New Technologies → Evaluate and Streamline Security and Privacy Policies * Source: DIGITAL GOVERNMENT: BUILDING A 21ST CENTURY PLATFORM TO BETTER SERVE THE AMERICAN PEOPLE (MAY 23, 2012) 8 Digital Services Layers CONCEPTUAL MODEL to Meet Transformation Drivers Information Layer: → Contains both structured and unstructured data → Examples include: – – – Census or employment data (Structured) Fact sheets or Press releases (Unstructured) Compliance guidance (Unstructured) “Customers” American People Employees Gov’t Digital Services (Websites & Applications) Private Sector Digital Services (Websites & Applications) Platform Layer: → Includes all systems and processes to manage the information → Examples include: – – Web APIs and applications development supporting mission critical functions Hardware used to access information (e.g. mobile phones) Presentation Layer: → Defines manner in which information is organized and provided to customer → Represents delivery model – – Websites, Mobile applications, etc. Security And Privacy: → Must be safe and secure → Transparent and accountable Systems, Process Management and Web APIs Open Data & Content Information Security & Privacy Presentation Layer Platform Layer Information Layer 9 INFORMATION LAYER Meeting the Information Centric Principle “open data & content information” Requires the “Decoupling” of information from its presentation Describe data clearly → Sound taxonomy, making it searchable → Adequate meta data making it authoritative Preparing data for publications → Improve quality, accessibility, timeliness, and usability → Identify and high-value data and content → Evaluate for release to other agencies and the public → Make high-value data discrete and digestible → Assign metadata tags to high-value data → Embed security and privacy controls into structured data and metadata Expose machine-readable data to other computers (WEB APIs) → Publish high-value data and content timely → Make it easily acceptable for external use as applicable → Post it at agency.gov/developer in machine-readable format 10 PLATFORM LAYER IT Shared Services Conceptual Overview “build once, use many times” Channels Public, Community, Hybrid, Private Clouds Standard Termination Administration Premium Processing Benefit Administration and Payment Management Financial Management H. R. Management Records Management Email, Help Desk, & Collaboration Example Service Types Infrastructure & Asset Management Category Inter-Agency Lines of Business / Business Centers Intra-Agency Lines Shared Services Centers Commodity IT Support IT Mission IT Websites & Content Management Level Online Service Catalog IT shared service is defined as: An information technology function that is provided for consumption by multiple organizations within or between Federal Agencies. There are three general categories of IT shared services: commodity, support, and mission; which are delivered through cloud-based or legacy infrastructure.* Legacy Intranets / Extranets *http://www.whitehouse.gov/sites/default/files/omb/assets/egov_docs/shared_services_strategy.pdf 11 PRESENTATION LAYER Meeting the Customer Centric Principle “anytime, anywhere, any device” “Customers don’t know – and don’t care to know – how government is organized. So why make them go from agency [website] to agency [website] to get the full picture of what gov’t has to offer on any subject?”* Customer Centric means that agencies: → Respond to customer needs → Make it easy to find and share information and accomplish important tasks. Digital services must be designed and delivered with: → Customer service first → Technologies used by customers, i.e. – today’s customers, today’s technologies → Content optimized for modern platforms, rather than just translating content from paper-based documents to the Web → Agencies keeping current with the latest design concepts and refreshing delivery mechanism to ensure the highest performance Identifying and optimizing top tasks, content, and transactions Optimizing for usability, search, and accessibility * Source: DIGITAL GOVERNMENT: BUILDING A 21ST CENTURY PLATFORM TO BETTER SERVE THE AMERICAN PEOPLE (MAY 23, 2012) 12 SECURITY AND PRIVACY Meeting the Security and Privacy Principles “Cross-Agency Priority Goal: Cybersecurity”* Goal Statement: Executive branch departments and agencies will achieve 95% implementation of the Administration’s priority cybersecurity capabilities by the end of FY 2014 Focus efforts on: → what data and information is entering and exiting their networks, → what components are on their information networks and when their security status changes, and → who is on their systems. Administration Priorities for Meeting the Goals → Trusted Internet Connections (TIC) - Consolidate external Internet traffic and ensure a set of common security capabilities for situational awareness and enhanced monitoring. → Continuous Monitoring of Federal Information Systems - Transform the historically static security control assessment and authorization process into an integral part of a dynamic enterprise-wide risk management process. → Strong Authentication – Ensure only authorized employees have access to Federal information systems by requiring a higher level of assurance following the HSPD-12 Personal Identity Verification standard * Source: http://goals.performance.gov/goals_2013 13 PBGC’S APPROACH “PBGC’s IT Strategic Direction” 14 ALIGNMENT TO PBGC GOALS PBGC’s IT Strategic Direction # Focus IT Goals Secure PBGC’s IT to ensure confidentiality, 1 Strategic availability and integrity of systems and data 2 Strategic 3 Strategic 4 Strategic 5 Strategic 6 Enabling 7 Enabling 8 Enabling Modernize and innovate PBGC’s IT solutions through the use of cloud computing and shared services to enable a flexible, reliable, secure, and cost-effective environment Standardize the management and sharing of data across the enterprise and enable enhanced analytical capabilities Improve internal and external social collaboration and communication Increase the use of mobility to support the changing needs and requirements of PBGC’s customers and workforce Improve IT service delivery to add business value, achieve efficiency, and increase customer satisfaction Mature IT governance to foster business agility Build and equip a highly capable IT workforce with competencies and tools to support current and future IT initiatives Focus Area Preserve Plans & Protect Pensions Timely and Accurate Benefits Cyber/IT Security Cloud Computing and Shared Services High Standards of Stewardship and Accountability Information/D ata Social Collaboration Mobility Customer Service Governance IT Workforce 15 PBGC IT SP MAPPED TO DSL Digital Services Layers PBGC IT Strategic Initiatives Cyber/IT Security “Customers” Security Private Sector Digital Services (Websites & Applications) Customers Presentation Layer Cyber/IT Gov’t Digital Services (Websites & Applications) Employees Systems, Process Management and Web APIs Platform Layer Open Data & Content Information Information Layer Security & Privacy Cyber/IT Security American People Cyber/IT Security 16 CLOUD COMPUTING What and Why? Cloud computing is “a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e g , networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction” * Cloud computing is shared services** Drivers: → Increased agility responding to workload fluctuations → Improved productivity in application development, application management, network, and end-user** → Improved asset utilization** → Shift focus from asset ownership to service management** Source: National Institute of Standards and Technology (NIST), Special Publication 800-145 ** FEDERAL CLOUD COMPUTING STRATEGY Vivek Kundra ,U.S. Chief Information Officer FEBRUARY 8 , 2 011 17 CLOUD COMPUTING MODELS Public Cloud – → → → Cloud infrastructure is provisioned for open use by the general public Owned, managed, and operated by a business, academic, or government organization, or some combination of them Resources exist on the premises of the cloud provider Community Cloud – → → → Cloud infrastructure is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns. Owned, managed, and operated by one or more of the organizations in the community, a third party, or some combination of them Resources may or may not exist on the premises of the cloud provider Hybrid Cloud – → → → → Cloud infrastructure is comprised of two or more distinct cloud infrastructures (private, community, or public) infrastructures remain unique entities Bound together by standardized or proprietary technology that enables data and application portability Resources may or may not exist on the premises of the cloud provider. Private Cloud – → → → Cloud infrastructure is provisioned for exclusive use by a single organization comprising multiple consumers Owned, managed, and operated by the organization, a third party, or some combination of them, 18 Resources may or may not exist on the premises of the cloud provider CLOUD COMPUTING SERVICES Software as a Service (SaaS) – → Capability provided to the consumer is to use the provider’s applications running on a cloud infrastructure. → Applications are accessible from various client devices through either a thin client interface, such as a web browser, or a program interface. Platform as a Service (PaaS) – → Capability provided to the consumer is to deploy on a cloud infrastructure consumer-created or acquired applications. → Programming languages, libraries, services, and tools need for applications are supported by the provider. Infrastructure as a Service (IaaS) – → Capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources → Consumer is able to deploy and run arbitrary software, which can include operating systems and applications. * Source: http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf 19 PBGC’S CLOUD FOOTPRINT Private Cloud Public Cloud PaaS SaaS PaaS IaaS Hybrid Cloud CFO Applications CMO Applications CMO Applications CFO Applications OGC Applications EEO Applications SaaS SaaS Model Key Currently deployed Planned deployment Community Cloud 20 PBGC’S CUSTOMER OUTREACH Unclaimed Pension Search → Accounts for up to 45% of PBGC’s daily traffic → 6,000 visitors per day → 1.62 million views per day when highlighted on YAHOO.com Open Government Webpage → Created few years ago in response to the Presidential Initiative → Host six high-value data sets → over 10,000 customers subscribed to updates Federal Web Analytics Integration → Integrated web analytics using the Adobe tool, SiteCatalyst) with Foresee ACSI search results and our GovDelivey email management service → Sent over 1.5 million emails in 2013 21 ADMINISTRATOR SELF SERVICES My Plan Administration Account (My PAA) Secure Web-based application that enables pension plan professionals to electronically submit premium filings and payments to PBGC in accordance with PBGC's regulations PBGC's mandatory e-filing requirements apply to all types of filings, including both original and amended filings Streamlines the premium filing process for users Assists users prepare, and PBGC process, premium filings faster and more accurately Provides immediate confirmation of date and time that PBGC received filing. Helps PBGC provide more accurate and timely invoices Speeds refund processing Offers filing options that enable filers to view premium data submitted Enables on-line access to plan premium filing account histories 22 PARTICIPANT SELF SERVICES My Pension Benefit Account (My PBA) Secure Web-based application that enables participants in plans, for which PBGC is trustee, to electronically conduct certain common transactions → View and print IRS Form 1099-R (which reports pension payments from PBGC) for income tax filing → Request a benefit payment estimate be mailed → Apply for pension benefits → Designate or change beneficiary information → Change address, telephone number, or e-mail address → Designate or edit federal tax withholdings → Apply for electronic direct deposit (EDD) or edit existing EDD information → View payment information such as address of record, payment status, and canceled checks 23 Questions 24