VA’s Baker: Commercial software is often the best option

The Veterans Affairs Department will continue building out its software systems with commercial products and cloud services rather than trying to develop things in-house, VA CIO Roger Baker said in a keynote address at the Management of Change conference May 17.

"I'm not going to build the next application," he told the ACT/IAC conference in Hot Springs, Va. "I am convinced that the government cannot build a better Facebook or e-Bay" than the private sector can.

The VA could add proprietary software to its open-source systems if that meets the needs of the department, he added.

He said that as technology has matured, the government's needs have become, by and large, less unique and therefore less dependent on creating its own technology. When developing a solution, it’s increasingly common to find a commercial offering that can do almost everything the agency needs, at which point agencies usually can find ways to work around the rest – if they are willing, he said.

Baker recalled one incident when he found a commercial package that could meet 80 percent of the stated requirements for a project, but the manager in charge insisted the solution must meet all the requirements.

"I said, well that was your requirement last time and you got zero percent of your requirements over the past 10 years," Baker said. "Would you rather have zero percent or 80 percent?"

However, when accepting products from the private sector, Baker said it is a CIO's responsibility to ensure that they are secure and will keep sensitive information out of unauthorized hands.

"We don't go down the path of 'we want to look at all your code,'" he said, in response to an audience member's question. "We're interested more in where the data is going to be stored. When you store it, are you encrypting it."

Look at source code isn't effective, he said. "If you're a good hacker, you can bury a hack deep enough in the code that a cursory examination" won't find it.

About the Author

Technology journalist Michael Hardy is a former FCW editor.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.