At the intersection of the forces of technology and place is NASA’s need to architect and implement secure sharing in a data-first organization. The ability of organizations to leverage data to drive insights to action is the fuel of the future. And yet data access is often extremely limited due to underlying tensions between sharing and security, role-defined versus open data, and a decentralized operating model. As more work is conducted anywhere and anytime, protecting sensitive data and keeping systems secure is critical. At the same time, ensuring the ability to share information via dashboards, portals, and online reports, as well as offering self-service options, are just as vital.
As the Presidential Management Agenda observed, the use of data is transforming society, business, and the economy. As more work is conducted virtually, keeping sensitive data and systems secure, sharing information, and offering self-service options will be critical to ushering in a modern government. Technology modernization initiatives and data access are the backbone to improving accountability to taxpayers and achieving mission results.
Further, there is a well-known tension in government: the requirement for protection and security competes with the mandate for openness and accessibility. For the emerging generation of knowledge workers, this tension manifests itself when these workers are challenged to access the data needed to inform decision-making. As a consequence, relevant information is siloed in highly insulated systems that only few can access and usable self-service options for sharing data securely do not exist or are not ace universally available.
Striking a balance between data sharing and security remains an organizational strain and is particularly difficult for NASA. The Agency requires an integrated approach to using data to deliver on mission goals, serve customers, and steward resources. The tension between sharing and secure solutions, combined with increasing self-service demands, creates a unique challenge in government, where budgets and expertise are often more limited than in the private sector.
As NASA seeks to manage tensions and steer toward more self-service options, the Agency must design and implement an integrated workforce data management strategy that defines a common data architecture to allow for the secure integration and sharing of data, inclusive of “data-first” standards and practices. The strategy requires the development of shared standards and policies around basic issues like password strength, multi-factor authentication, social engineering, and network security to inform its workforce of cybersecurity risks. NASA may consider moving towards a risk-based approach for securing systems that places emphasis on data-level protections and that fully leverages modern virtualized technologies (President’s Report on Federal IT Modernization NASA, 2018). This approach requires a modern data architecture as well as an aligned management structure to balance risk and security.
Along with risk come the element of trust: erasing boundaries within and beyond the information technology sector means that cybersecurity risk must become the concern of everyone. A baseline level of training regarding effective IT security, data security, and systems management must not only be offered, but embraced by users at all levels.
As NASA prepares for the Future of Work, the Agency must intentionally design for increased self-service. A self-service approach provides previously unavailable direct access to data and platforms that employees can use to more efficiently deliver government services anywhere at any time. Online self-service capabilities will provide the workforce round-the-clock access to real-time information, reducing the time employees need to navigate siloed systems and refocusing time saved to pursue mission objectives.
About the Authors
Nick Skytland | Nick has pioneered new ways of doing business in both government and industry for nearly two decades. He leads the Future of Work initiative at NASA and is the Agency Talent and Technology Strategist in the Talent Strategy and Engagement Division within the Office of the Chief Human Capital Officer (OCHCO).