OMB stresses FDCC compliance means 100 percent

In a spirited discussion, the Office of Management and Budget made it clear to agencies that compliance with the Feb. 1 deadline for adoption of the Federal Desktop Core Configuration for Microsoft Windows XP and Vista means all PCs that use the operating systems must have the standard image.

Wendy Liberante, OMB’s Government-to-Business portfolio manager and a policy analyst heading the FDCC initiative, told an agency and industry audience yesterday that the administration expects 100 percent compliance, but there also are some realistic and pragmatic issues that have to be worked through.

She said OMB will be issuing a data call in the next few days asking agencies to submit a report by Feb. 1 detailing the number of systems that use XP or Vista and the number that have adopted the FDCC image.

“If you are not compliant, we want to know how far off you are,” Liberante said during a conference on the core desktop standard sponsored by the National Institute of Standards and Technology in Gaithersburg, Md. “We want agencies to understand their universe and have a plan to get to FDCC compliance.”

Some agencies, such as the Agency for International Development, have had little trouble complying, but others in the audience said the settings would break their systems.

One  audience member said their agency had a choice: Implement the FDCC and take down their entire network serving 180,000 users, or tell their secretary that they will get a red score from OMB on this yearlong mandate.

“FDCC crashes our system,” said the audience member, who did not identify their agency. “OMB’s initial assumption is wrong that you can apply the FDCC without breaking your system.”

Another audience member from the U.S. Patent and Trademark Office said they will not be FDCC compliant because they have a problem with a number of the settings.

Liberante said that although OMB does not want this agency to have their systems shut down, agencies need to understand what they have to do to comply with the mandate.

“I’m hopeful you have some justifications on why you can’t comply when you deliver your report to OMB,” Liberante said.

She also emphasized that when agencies submit their detailed technical reports on compliance and any deviations from the standard to NIST and OMB  March 31, the deviations are not waivers. Rather, the deviations are issues that NIST and OMB will work through to see if they are true problems or something that can be fixed.

“You know what your anomalies are,” Liberante said. “You need to tell us what your outliers are and the reasons why they are not compliant.”

NIST already has submitted to OMB a FDCC update to try to correct known issues, including that the standard doesn’t allow the use of Java and some firewall settings don't work. 

Andrew Buttner, an expert with Mitre Corp., said NIST and OMB recognize there are problems with the image and the settings will need to be adjusted.

Liberante said there is no scheduled update for the FDCC image, but it will happen as needed.

Featured

  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.