As the federal government continues to push ahead with IT modernization, agencies have no choice but to complete comprehensive inventories of two related and equally important components: software licenses and telecommunication assets.
Both are integral steps toward the overall goal of modernizing the government’s collective information technology. Without a thorough dissection of what’s on their networks, agencies could open themselves to both cybersecurity and mission support vulnerabilities.
But despite a law compelling agencies to document their software licenses, 14 agencies failed the metric on the most recent FITARA scorecard in May. And a quarterly report on modernization milestones under the President’s Management Agenda found last week that software asset management had digressed from its previous report.
The software license goals mirror the ongoing implementation of General Services Administration’s Enterprise Infrastructure Solutions contract. The $50 billion next-generation telecommunications program, which is set to go online in 2020, calls for agencies to identify their current assets before adding new technology to the network. The goals — with the costly delays of the Networx contract a decade earlier in mind — include streamlining the transition timeline and reducing the attack surface.
Telecom hardware and software is “really just a different flavor of commodity IT,” said Carol Harris, the GAO’s director of information technology. “In terms of transitioning to EIS, agencies should be adopting similar practices as they would be in software licensing. You should be developing an asset service inventory. It really does track very closely to software licensing.”
But Harris said that agencies are having trouble with telecom inventories as well, pointing to a September 2017 GAO report that found of five agencies — the Securities and Exchange Commission, the Social Security Administration and the departments of Labor, Transportation and Agriculture — only the SEC had a full inventory of such assets on its networks.
With all of this in mind, the idea is that the 2020 deadlines for software license management and for telecom asset inventories should reinforce each other.
“I do think the EIS transition can help the consolidation by forcing each of these agencies to take an inventory,” Harris said. “It’s really up to the agencies to make this a top priority and make sure that they have complete and comprehensive inventories so they are better able to position themselves when the EIS transition takes place.”
Bill Zielinski, GSA’s deputy assistant commissioner of Office of Information Technology Category, said in an email that though the EIS transition and software license management are handled independently, the agency is working with federal partners on both through its GSA Transition Ordering Assistance program for EIS solicitations and its Software License Management Service.
Harris said that GAO has plans to examine agency progress on the EIS transition later this summer, but added that both issues were integral to bolstering agencies’ technology infrastructures at a time where modernization was a key goal.
“Making the establishment of software and telecom inventories, we need to shine a brighter light on it to make sure that agencies have this as a top priority because it’s just so critical,” she said. “Especially for making their operations more efficient and effective.”