:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/archetype/6HASSPSOXNALXHFXTI4GACGZJI.jpg)
General Services Administration CIO Sonny Hashmi is leaving government at the beginning of April to take over as managing director of government for cloud platform provider Box. As he exits the public sector, Hashmi reflected on his four years at GSA — including program successes and failures — the transformation going on in federal IT and what needs to happen for that transition to continue. Below are edited excerpts from an interview with Federal Times Senior Writer Aaron Boyd.
What made you decide to leave the public space?
It is a very difficult decision for me. The work I have been doing with GSA and the federal government over the last three or four years now is accelerating, it is showing great promise, great results. As you know the 18F program migrated over to the cloud, reduced budget, improved performance. I have been very fortunate to be part of this amazing team and there is a lot more to do both at GSA and government wide.
I was not actively looking to leave GSA. I was very fortunate and happy to serve the administration, serve the administrator, but when [Box co-founder and CEO] Aaron [Levie] and I spoke a few months ago and then continued the discussion through [senior vice president of global alliances] Karen Appleton and others at Box, I realized that smart companies like Box have an amazing opportunity to help agencies rethink and change how services can be provided to citizens. That has been my passion my entire career. I have always been in the technology field and I have always been in the government technology field.
I look at this as a continuation of my career, my journey because my role at Box is going to be to find out ways to bring smart, innovative technology, secure technology like the Box platform and ecosystem partner technology to solve real government challenges that help agencies solve those challenges.
What was it about Box that was able to pull you away that another cloud company couldn't offer?
First of all, obviously I get a chance to work with many cloud providers and one of the things that I have always noticed and admired about Box is the caliber of the team. Some of the smartest people that I ever met both in the areas of security, in the areas of cloud computing, in the areas of scale, usability I've met at Box. So when you have a team that is that good, that focused, that energized you know good things are going to happen.
Second, what attracted me with Box is they are enterprise first company. It makes the incentives very clear. Their whole focus is and will be focused on enterprise solutions and enterprise customers. That makes it much more compelling opportunity for me because the decisions you have to make to serve the enterprise are sometimes different than the trade offs you have to make to primarily serve the individual user products. Box has been focusing on demonstrating high level of security, high level of cyber compliance — compliance with regulations like HIPAA and FINRA — and working with the federal government to go through the FedRAMP process.
That focus is what excites me because I know that the company is not only capable but serious about serving the enterprise customers.
![[ID=70335392]](/Portals/_default/Skins/PrestoLegacy/CommonCss/images/pullquote.jpg "Sonny Hashmi, GSA CIO [ID=70335392]")
Getting back to GSA, you're just one of a number of people leaving. What does that kind of turnover do, especially in the technology realm for all of the programs that are still outstanding?
I'll be the first to put on the record that not only do I believe but I know through demonstrable data this is an amazing agency to work in. Especially if you are a technologist. Whether it is the internal CIOs operations, whether it is the Office of Internal Affairs, whether it is 18F, whether it is federal acquisition service, the integrated technology service, the work that GSA does in the technology space is truly game changing.
We have such depth in our bench of folks who come from all over the industry, all over the government. I am personally sad to leave GSA, we are sad to see great leaders like [18F Director] Greg Godbout and others move onto bigger and better things. But it actually is a testament to a great team because there are always folks behind them who are able to pick up and keep the ball going forward without missing a beat. I don't hesitate to say for a second that not only will those programs continue, the agency will be very successful in making those programs a reality.
What were one or two major IT programs that you helped bring about, either as the deputy or in your time as the CIO that you think really left a mark on GSA?
I am not one to take credit for anything that I have done because it is all a team effort. And I have been fortunate to be part of a great team at GSA. We have done a lot over the last four years that I have been there. We look like a completely different IT organization than when I got there four years ago.
Some of the things that we can highlight: we are the first agency to move major operations to the cloud. This was a time before FedRAMP when many people were still wondering if cloud was going to be successful in government. I think we can all agree that cloud is not only here but it is going to be the default mechanism to implement IT moving forward in all different areas.
We implemented a cloud based application platform that allowed us to reduce application lifecycle costs by 90 percent on average and application time to market or time to value — what I call the time between an idea and a working code — by 75 percent. That has allowed us to save tens of millions of dollars in legacy applications. We have reduced over the last two years alone — through investments in cloud, through smart investments in decision making, through rationalization of applications, through efficiencies and many other programs like it — we have been able to reduce our IT spend by over 20 percent.
We have migrated to a completely open and collaborative workplace. There is no assigned space. Everybody is fully mobile. Everybody can get any and all of their work done from their mobile devices anywhere they are. It is a fully continuous environment whether you are working at home, whether you are working at a client site or whether you are working in the office. That is a huge undertaking and we are proud to make that happen.
We have implemented an open source, completely flexible in the cloud data stack for the first time that is already showing great results. We are using that big data environment to bring together performance and budgets and human resources across government and allowing stakeholders to make smart management decisions based on that data.
We have invested in an Internet of Things approach for building management. GSA is the largest landlord in the world. We manage over 10,000 facilities, over a third of a billion square feet of rentable real estate and we have aggressively pursued a path to integrate those buildings to make them smart so the sensors in those buildings can talk to the cloud and actually allow building managers and stakeholders to make decisions around various building management attributes, whether it's HVAC operations or building operations. Techniques like that have actually saved tremendous amounts of money.
As an example, at one of our buildings is in the Washington, D.C. area, by integrating two sensor networks, data into the cloud and doing analytics on it we were able to fix broken infrastructure components and a broken blower that saved about $600,000 a year to the taxpayers. Those are some of the big things we have done.
And then last thing I think it was one of the major issues was to consolidate and streamline our IT operations. We were structured in a completely different way. We had multiple CIOs. They were difficult to manage as an enterprise. About a year and a half ago, I undertook the initiative to bring all of that IT together and as part of that we have not only saved tremendous amounts of cost, but I think we have improved our service tremendously.
When it comes to cloud, when it comes to mobility, when it comes to collaboration I honestly don't think there is any other federal agency that has done as much as GSA has. It is not to belittle the efforts of other CIOs and other agencies, but I was fortunate to have the right alignment of leadership, of budgets, of priorities and the right team to be able to pull it off in a short amount of time.
What were the programs that you wish had been more successful? What were the failures?
About three or four years ago we changed our program management and limitation philosophy. We didn't call it agile or DevOps at the time, but essentially it was the same process. We put the policy in place understanding that putting that kind of a culture in place doesn't happen in a single day. That has to percolate. That has to get absorbed in the organization before everything starts moving in that direction.
So we immediately brought the smartest minds together. Within a matter of weeks we had the system operational. Then we also asked ourselves whether this was the right long-term strategy. Should we continue to build other programs like this: big, monolithic, kind of done in a black hole only to realize they left out an idea. And it completely changed that entire organization.
We went to a platform first approach. We actually are in the process of implementing an open source, scalable as-a-platform service environment that leverages the best of breed technologies and products that are scalable. We are seeing success because we are expecting every three weeks we have a new release, we have a new sprint going on.
And so I firmly believe this whole notion of IT failure is going to be with us for a while because the models that they are using are still fairly old in many cases across the government and industry. I think in the world where we're going, this whole concept of big IT failures is going to be obsolete. People realize that it is just not working and people are open to this model of continued delivery, continued integration, user centricity, getting the end user stakeholders and IT people in the same room and integrating based on that collaboration.
I am pretty excited about federal IT in this juncture. Every agency in the federal government is excited about this new model. It is a difficult shift, but I think we are over the tipping point and I think it will accelerate from there.
How do you see FITARA fitting in to the average workflow for an IT department at various agencies?
The Federal CIO's office has done exactly the right thing to bring together a cross functional community of experts. Because FITARA is not just an IT bill. It is called the Federal IT Acquisition Reform Act. It touches the acquisition community, it touches the budget community and financial CFO community. It changes the COO's role.
The solution and the right approach to FITARA, which is exactly what OMB is doing, is to bring together leaders across the federal government from the CFO community to the agency budgeting officers, chief operating officers, chief acquisition officers, CIOs and others to have this discussion around what makes sense.
I see FITARA as a positive step towards taking the federal government to a place where technology is a core driver of mission outcomes. It is not just looked at as a utility provider of network services and that stuff, but really an asset to the organization — a differentiator that can add value to business outcomes, mission outcomes. So FITARA is a good step in that direction.
It was interesting for us [at GSA] because we initiated our consolidation and IT reform activity before FITARA was passed. We are proud to have played a small role in that process and it makes sense for us.
In the case of GSA — which is the only agency I am going to speak for — what made sense to us was a consolidated IT organization that provided the entire suite of IT services. Everything from the most commodity areas of IT — network services and that stuff — to the most strategic areas of IT, which is mission areas and improving business processes and doing data analytics and providing thought leadership around businesses and things like that.
We are very fortunate to have a leadership team at GSA that recognizes the value of IT and that we are able to and interested and willing to have that conversation at a more strategic level with IT. It makes sense for us to not only improve our internal processes but to really develop a new business relationship with IT within GSA. That model may not apply to everybody. It may not be the right one for everybody, but the take away for FITARA is still relevant and needs to be leveraged to make the right decision within agencies.
Being at GSA you have a unique perspective. The internal operations, obviously, but you also have a perspective on how agencies across the government are buying IT services and products. What do you think needs to change?
There are people much smarter than me who are better able to answer that question. But from my perspective as a practitioner there are a few things that I think would have a considerable, positive impact on IT programs.
The first thing is strategic acquisition of IT. Historically across the federal government the way they bought things, whether it is IT or not, has been in a very technical manner. We have over 60,000 acquisition professionals in the government. We have hundreds of acquisition authorities, which means individual organizations have the ability to go out and buy stuff individually without having to go through another body. When you have this environment where products and services are being acquired in a very decentralized, very haphazard fashion it is nearly impossible to apply any strategic leverage to that equation.
Look at organizations in the private sector that do a lot of acquisitions. We look at a lot of companies like Walmart, Target and IBM that manage billions of dollars of products and services. You know they don't do it that way. They don't have 500 departments buying individually. They don't have to tell each other what they are doing. They analyze data, they look at trends of what they need, what they are buying, forecast and then use that data to really negotiate and use that as leverage to get a better deal, to be more strategic. That is essential.
How it applies to IT is the same way it applies to other non IT areas and that is exactly what GSA has been charging very hard on. That is exactly the direction from the administrator of the office of public policy, me and also government wide policy at GSA.
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/archetype/6HASSPSOXNALXHFXTI4GACGZJI.jpg)
So if you are going to buy cybersecurity services the Department of Homeland Security is probably one of if not the primary expert in that category. They should know the markets, they should know the players, they should know the demand, they should really understand how the market is going in that direction. Similarly, if you are going to buy IT hardware, you want to buy IT software, you want to buy services there are category managers that are responsible for working with the industry, forecasting where the industry is going, forecasting where the demand is and really helping to create that environment where consumers and providers can come together in a curated way to be able to make the best decisions around acquisition.
That has already proven immensely powerful when implemented. And we want to scale that considerably.
The second thing I think is a new relationship with the industry needs to be built. So historically, we have bought IT services in the same manner largely as we buy pencils and staplers. We specify to the nth degree what we need. We go to the market and we negotiate for a fixed price solution that meets that need. We come back and we find ourselves very quickly in an environment where we have specified needs either inadequately or to a level of detail that doesn't give us flexibility as things change. If we didn't do a good job specifying our needs then the industry didn't understand what we are asking for and so the solutions they offer were not the right ones. All of a sudden you find yourself in a situation where you don't have the flexibility and the mechanism to correct things as they emerge along the way. That is something that needs to change. I don't know what the solution is but there are many ideas that people smarter than myself are exploring.
Somehow, we need to create an environment where IT services can be acquired in a very continuous, agile way. Both industry and the government have incentives to make these things successful and to pivot and change as conditions change. We cannot continue to buy IT in an environment where everything changes every six months. Where the only way to buy something is to lock down into one fixed agreement for five years or more. It just is not going to work.
The third, last thing I will say on this front is the question of skillset. As a current federal executive and having been a fed for several years I can attest this is a challenge that exists in our organization as well as many other organizations. We in federal IT have atrophied real tech skillsets for a long time. We have become folks who are very adept at navigating the federal bureaucracy. We know how to do an acquisition. We know how to pay an invoice. We know how to do a vendor evaluation. But we actually don't know technology.
We have an inadequate number and scale of folks within the federal government at large that really understand at a deep level technology, strategy, platform, solution architecture, data engineering and data management, analytics, business process modeling. All of these kind of really deep skill sets that are disciplined that people go to school for and really spend their life perfecting. We have sort of atrophied that.
As a result of that we have lost or in many cases at least diminished the ability for federal employees to be better buyers. We don't often know what the state of the art is, what the technology strategy should be. We don't know what to buy. We don't know what to ask for. When we get solutions we don't know if they are the right ones, if they are the right strategic ones, if they align with the strategies of the agency.
So we end up buying a lot of point solutions where we say this is a very specific problem we are having today and if your solution can solve this very specific problem then we will pay you competitively for it. But what ends up happening is in the absence of strategy you end up with hundreds of these point solutions that are designed and individually optimized within their own bylaws, but not optimized across the organization. They don't talk to each other, data doesn't flow.
A lot of that in my view, honestly, stems from this challenge of not having the right IT techies who really understand deep technology, deep strategy, deep enterprise architecture within government. So we have to change that dynamic. We somehow have to create a way to incentivize, provide the right enticement, the right brand to hire and bring in the right tech talent back into government to be able to help guide us be better buyers.
One of the ways we are doing this is with 18F and the USDS organization. The idea is to bring the best and brightest into the organizations. We give them very challenging problems to solve, follow the prototyping approach. Do a minimally viable product. And then help agencies through that experience understand what are the right things to be buying, what are the right approaches. That already has tremendous potential, tremendous value.
And we also need to incentivize behavior through whichever mechanisms we can think of to make sure that these people have interesting, challenging things to do. Especially the Gen Yers and the Millenials. They don't want to go and start a job and be doing the same job for 10 years. They want to solve a critical problem, then they want to go to the next problem and the next problem and they want to create an environment where they can do that.
That is one area that I would like to see continuous movement and scalability on. I think that is a critical thing.
Do you think you will be back in the public space again in the future?
Yea. I don't see why not. I never put anything out of the realm of possibility. I am a public servant. My entire career I have served the public interest in either the public sector or the private sector. Even though I have been in the private sector I have always served government — state, local or federal government in some way, shape or form and I see this as a continuum as a step along that continuum.
I don't know what the future holds. I am very excited about my new role. I have lots of plans and a lot of work to do in front of me. At some point in the future if the right opportunity to serve resurfaces again I will consider it and consider it an honor.
You spent four years in the federal government — what do you think your legacy is going to be?
I consider myself in some ways to have made a significant difference. In other ways I feel like I haven't been here as long as many of the other folks around me have. I can certainly learn from more of a tenure.
I would like to think that as part of the overall administration that has been actively working on reforming IT in the federal government for many years that I was able to play a role in adoption of cloud solutions and government. We changed the conversation from, can the cloud ever work in government to now that we know that it can and does. That is a huge cultural shift. To be able to go from A to B in a relatively small period of time is pretty remarkable I think. I don't pretend that I have done that somehow myself; certainly it is initiative and vision led by the federal CIOs office and may other people who are involved, but I would like to think that I played a role in that continuum.
The other area that I think I would like to say that GSA while I have been there has done a lot of interesting work. Really elevating the role of information technology to be a business partner, advisor, consultant and focusing and delivering on business value enabled systems. I would hope that we shift the culture within IT and federal government and continue to do that in a way that federal CIOs are not just looked at as folks who keep my Blackberry running, but they are looked at as advisors and thought leaders that business leaders can go to and get advice on how to solve some of the most difficult problems.
It has been extremely rewarding not just with the IT but I think with the agency. And I would hope that model continues to grow in scale.
Aaron Boyd is an awarding-winning journalist currently serving as editor of Federal Times — a Washington, D.C. institution covering federal workforce and contracting for more than 50 years — and Fifth Domain — a news and information hub focused on cybersecurity and cyberwar from a civilian, military and international perspective.
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/archetype/4A7TXY6S25CHNFUQZFEWFKGGKQ.jpg)
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/archetype/TDNTEOCRVZFQNNDUCNB36UIZZA.jpg)
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/archetype/IFXYL4LBAVC6XMT3CLC4GK3RRU.jpg)
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/archetype/S4XC5DQODNCT5NZW64DPV6QSCM.jpg)
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/archetype/ORFEONCEKAZTITDTIVGTASZXGQ.jpg)