January 20, 2022

News

News Network

Internet of Things: Information on Use by Federal Agencies

14 min read
<div>Many federal agencies (56 of 90) responding to GAO's survey reported using Internet of Things (IoT) technologies. Most often, agencies reported using IoT to: (1) control or monitor equipment or systems (42 of 56); (2) control access to devices or facilities (39 of 56); or (3) track physical assets (28 of 56) such as fleet vehicles or agency property. Agencies also reported using IoT devices to perform tasks such as monitoring water quality, watching the nation's borders, and controlling ships in waterway locks. Furthermore, IoT use by federal agencies may increase in the future, as many agencies reported planning to begin or expand the use of IoT. However, 13 agencies not using IoT technologies reported they did not plan to use the technologies for a range of reasons, including insufficient return on investment. Example of Government's Use of Internet of Things Technology: Environmental Protection Agency's (EPA) Water Monitoring Buoy Surveyed agencies most frequently reported increasing data collection (45 of 74), and increasing operational efficiency (43 of 74) as benefits of using IoT technologies. Increasing data collection can aid decision-making and support technology development; increased efficiencies may allow agencies to accomplish more with existing resources. According to EPA officials, sensors are able to transmit data eliminating the need for employees to visit sites to collect data. The Saint Lawrence Seaway Development Corporation reported that IoT technologies helped improve transit times through its locks. Agencies most frequently reported cybersecurity issues (43 of 74) and interoperability (30 of 74) as the most significant challenges to adopting IoT technologies. For example, the Transportation Security Administration's officials told us they could not ensure the security and privacy of passenger information and subsequently took its network-connected security equipment offline until they developed a solution. Most agencies' officials responding to GAO's survey (54 of 72), as well as officials interviewed as part of the case studies, reported using information technology (IT) policies developed by their agency, versus internal IoT-specific policies, to manage IoT technologies. Some agencies reported their IT policies were sufficient for the current challenges and risks associated with adopting IoT technologies, including cybersecurity. The Office of Management and Budget's officials stated they do not typically make policies for specific IT components but if needed would work with the National Institute of Standards and Technology and others to develop such policies. IoT generally refers to devices—from sensors in vehicles to building thermostats— that collect information, communicate it to a network, and may complete a task based on that information. Although IoT technologies may present an opportunity for the federal government to operate more efficiently and effectively, federal agencies may also face challenges in acquiring and using IoT. GAO was asked to review the federal government's experience with IoT. This report describes (1) IoT technologies selected federal agencies are using, (2) the benefits and challenges of using IoT technologies, and (3) policies and guidance selected agencies follow in using and acquiring IoT technologies. GAO surveyed 115 Chief Information Officers (CIO) and senior IT officials at federal agencies and subcomponents based on, in part, agency membership in the federal CIO Council; 90 responded. However, not all agencies replied to each question. GAO also selected the Department of Commerce, the Department of Homeland Security, EPA, and the National Aeronautics and Space Administration as case studies. GAO selected these agencies based on, among other things, their fiscal year 2020 IT budgets and examples of IoT use from literature. For each case study, GAO reviewed documents and interviewed officials from the Office of the CIO from the agency and officials from selected sub-components that use the IoT technologies. For more information, contact Andrew Von Ah at (202) 512-2834 or vonaha@gao.gov.</div>

What GAO Found

Many federal agencies (56 of 90) responding to GAO’s survey reported using Internet of Things (IoT) technologies. Most often, agencies reported using IoT to: (1) control or monitor equipment or systems (42 of 56); (2) control access to devices or facilities (39 of 56); or (3) track physical assets (28 of 56) such as fleet vehicles or agency property. Agencies also reported using IoT devices to perform tasks such as monitoring water quality, watching the nation’s borders, and controlling ships in waterway locks. Furthermore, IoT use by federal agencies may increase in the future, as many agencies reported planning to begin or expand the use of IoT. However, 13 agencies not using IoT technologies reported they did not plan to use the technologies for a range of reasons, including insufficient return on investment.

Example of Government’s Use of Internet of Things Technology: Environmental Protection Agency’s (EPA) Water Monitoring Buoy

Surveyed agencies most frequently reported increasing data collection (45 of 74), and increasing operational efficiency (43 of 74) as benefits of using IoT technologies. Increasing data collection can aid decision-making and support technology development; increased efficiencies may allow agencies to accomplish more with existing resources. According to EPA officials, sensors are able to transmit data eliminating the need for employees to visit sites to collect data. The Saint Lawrence Seaway Development Corporation reported that IoT technologies helped improve transit times through its locks. Agencies most frequently reported cybersecurity issues (43 of 74) and interoperability (30 of 74) as the most significant challenges to adopting IoT technologies. For example, the Transportation Security Administration’s officials told us they could not ensure the security and privacy of passenger information and subsequently took its network-connected security equipment offline until they developed a solution.

Most agencies’ officials responding to GAO’s survey (54 of 72), as well as officials interviewed as part of the case studies, reported using information technology (IT) policies developed by their agency, versus internal IoT-specific policies, to manage IoT technologies. Some agencies reported their IT policies were sufficient for the current challenges and risks associated with adopting IoT technologies, including cybersecurity. The Office of Management and Budget’s officials stated they do not typically make policies for specific IT components but if needed would work with the National Institute of Standards and Technology and others to develop such policies.

Why GAO Did This Study

IoT generally refers to devices—from sensors in vehicles to building thermostats— that collect information, communicate it to a network, and may complete a task based on that information. Although IoT technologies may present an opportunity for the federal government to operate more efficiently and effectively, federal agencies may also face challenges in acquiring and using IoT.

GAO was asked to review the federal government’s experience with IoT. This report describes (1) IoT technologies selected federal agencies are using, (2) the benefits and challenges of using IoT technologies, and (3) policies and guidance selected agencies follow in using and acquiring IoT technologies. GAO surveyed 115 Chief Information Officers (CIO) and senior IT officials at federal agencies and subcomponents based on, in part, agency membership in the federal CIO Council; 90 responded. However, not all agencies replied to each question. GAO also selected the Department of Commerce, the Department of Homeland Security, EPA, and the National Aeronautics and Space Administration as case studies. GAO selected these agencies based on, among other things, their fiscal year 2020 IT budgets and examples of IoT use from literature. For each case study, GAO reviewed documents and interviewed officials from the Office of the CIO from the agency and officials from selected sub-components that use the IoT technologies.

For more information, contact Andrew Von Ah at (202) 512-2834 or vonaha@gao.gov.

News Network

  • Guinea’s National Day
    In Crime Control and Security News
    Michael R. Pompeo, [Read More…]
  • America Stands for Freedom
    In Crime Control and Security News
    Michael R. Pompeo, [Read More…]
  • Drug Control: U.S. Nonmilitary Assistance to Colombia Is Beginning to Show Intended Results, but Programs Are Not Readily Sustainable
    In U.S GAO News
    Since 2000, the U.S. government has provided a total of $3.3 billion to Colombia, making it the fifth largest recipient of U.S. assistance. Part of this funding has gone toward nonmilitary assistance to Colombia, including programs to (1) promote legitimate economic alternatives to coca and opium poppy; (2) assist Colombia's vulnerable groups, particularly internally displaced persons; and (3) strengthen the country's democratic, legal, and security institutional capabilities. GAO examined these programs' objectives, reported accomplishments, and identified the factors, if any, that limit project implementation and sustainability. We also examined the challenges faced by Colombia and the United States in continuing to support these programs.Although U.S. nonmilitary assistance programs have begun to produce some results, individual projects reach a relatively small number of beneficiaries, face implementation challenges, and may not be sustainable. For example, projects designed to promote legitimate economic alternatives to illicit crop cultivation have helped about 33,400 families. However, the U.S. Agency for International Development (USAID) estimated in 2000 and 2001 that as many as 136,600 families needed assistance, and these projects face implementation obstacles, such as difficulty marketing licit products and operating in conflictive areas. U.S. assistance to Colombia's vulnerable groups has provided support to many internally displaced persons, but these program beneficiaries do not receive all of the assistance they need, and there is no systematic way for beneficiaries to transition from emergency aid to longer-term development assistance. The U.S. government has made some progress toward facilitating democratic reform in Colombia, but projects face certain obstacles, such as limited funding and security constraints. Despite the progress made by the three nonmilitary assistance programs, Colombia and the United States continue to face long-standing management and financial challenges. The Colombian government's ability to contribute funds for nonmilitary assistance programs is limited by a number of domestic and foreign factors, and Colombia's longstanding conflict poses additional challenges to implementing and sustaining nonmilitary assistance efforts. The U.S. government has not maximized the mutual benefits of its nonmilitary assistance programs and has not established a mechanism for vulnerable groups to transition from emergency aid to longer-term assistance. Furthermore, the Departments of State and Justice and USAID have not established timelines for achieving their stated objectives, nor have State and USAID developed a strategy to turn programs over to the Colombian government or to the private sector.
    [Read More…]
  • Launching Agriculture Innovation Mission for Climate
    In Crime Control and Security News
    Office of the [Read More…]
  • Department Press Briefing – February 11, 2021
    In Crime Control and Security News
    Ned Price, Department [Read More…]
  • Secretary Antony J. Blinken And Jordanian King Abdullah II Before Their Meeting
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Secretary Blinken’s Call with Indonesian Foreign Minister Marsudi
    In Crime Control and Security News
    Office of the [Read More…]
  • Previously Convicted Felon Indicted for Illegally Transporting and Storing Hazardous Waste, Falsifying a Hazardous Waste Manifest and Obstructing an Agency Proceeding
    In Crime News
    A federal grand jury in Hawaii returned an indictment against Anthony Shane Gilstrap, 54, for violating the Resource Conservation and Recovery Act (RCRA) by transporting hazardous waste without a required manifest, falsifying a hazardous waste manifest, and storing hazardous waste without a permit. He is also charged with obstructing an agency proceeding.
    [Read More…]
  • Rebuilding Iraq: Status of Competition for Iraq Reconstruction Contracts
    In U.S GAO News
    Since 2003, Congress has appropriated more than $20 billion through the Iraq Relief and Reconstruction Fund (IRRF) to support Iraq rebuilding efforts. The majority of these efforts are being carried out through contracts awarded by the Departments of Defense (DOD) and State and the U.S. Agency for International Development (USAID). When awarding IRRF-funded contracts for $5 million or more noncompetitively, agencies are required by statute to provide notification and justification to Congress. In June 2004, GAO found that agencies generally complied with laws and regulations governing competition to award new contracts, but did not always comply with competition requirements when issuing task orders under existing contracts. As mandated by Congress, this report (1) describes the extent of competition in Iraq reconstruction contracts awarded by DOD, USAID, and State since October 1, 2003, based on available data, and (2) assesses whether these agencies followed applicable documentation and congressional notification requirements regarding competition for 51 judgmentally selected Iraq reconstruction contract actions. In written comments, State and USAID concurred with the report findings. DOD provided a technical comment.While no single, comprehensive system currently tracks governmentwide Iraq reconstruction contract data, available data showed that from October 1, 2003, through March 31, 2006, DOD, USAID, and State collectively awarded the majority of Iraq reconstruction contracts competitively. Based on competition information we obtained on $10 billion of the total $11.6 billion in IRRF obligations by these agencies during the period of our review, we found that about $9.1 billion--or 91 percent--was for competitively awarded contracts. While our ability to obtain complete competition data for all DOD Iraq reconstruction contract actions was limited because not all DOD components consistently tracked or fully reported this information, we obtained information on approximately $7 billion, or 82 percent, of DOD's total Iraq reconstruction contract obligations, and of this, we found that competition occurred for nearly all of the obligations. Additionally, based on complete data for the period of our review we found that USAID competitively awarded contract actions for 99 percent of its obligations, while State awarded contract actions competitively for only 10 percent of its obligations. GAO reviewed the files for 51 contract actions totaling $1.55 billion--22 of which were awarded noncompetitively and 29 of which were awarded competitively--almost all of which contained proper documentation. One contract file--for a noncompetitively awarded task order issued by State--did not contain justifications or other required documentation. DOD was also unable to provide documentation for 4 of the competitively awarded contract actions. Of the 22 noncompeted contract actions in GAO's review, State should have notified Congress of 2 actions awarded using other than full and open competition in accordance with notification requirements but did not. State officials told GAO that they have taken steps to address the problem. GAO did not identify any DOD or USAID contract actions within the sample that required notification.
    [Read More…]
  • Military and Dual-Use Technology: Covert Testing Shows Continuing Vulnerabilities of Domestic Sales for Illegal Export
    In U.S GAO News
    Terrorists and foreign governments regularly attempt to obtain sensitive dual-use and military technology from manufacturers and distributors within the United States. Although the Department of State (State) or Department of Commerce (Commerce), or both, must grant approval to export sensitive military and dual-use items, publicly reported criminal cases show that individuals can bypass this requirement and illegally export restricted items such as night-vision goggles. In the wrong hands, this technology poses a risk to U.S. security, including the threat that it will be reverse engineered or used directly against U.S. soldiers. Given the threat, the subcommittee asked GAO to conduct undercover tests to attempt to (1) purchase sensitive dual-use and military items from manufacturers and distributors in the United States; and (2) export purchased items without detection by domestic law-enforcement officials. To perform this work, GAO used fictitious individuals, a bogus front company, and domestic mailboxes to pose as a buyer for sensitive items. GAO, in coordination with foreign law-enforcement officials, also covertly attempted to export dummy versions of items. GAO interviewed relevant agencies to gain an understanding of which items were in demand by terrorists and foreign governments. GAO actions were not designed to test controls of other countries. Relevant agencies were also briefed on the results of this work.GAO foundthat sensitive dual-use and military technology can be easily and legally purchased from manufacturers and distributors within the United States and illegally exported without detection. Using a bogus front company and fictitious identities, GAO purchased sensitive items including night-vision scopes currently used by U.S. soldiers in Iraq and Afghanistan to identify targets, triggered spark gaps used to detonate nuclear weapons, electronic sensors used in improvised explosive devices, and gyro chips used in guided missiles and military aircraft. Interviews with cognizant officials at State and Commerce and a review of laws governing the sale of the types of items GAO purchased showed there are few restrictions on domestic sales of these items. GAO was also able to export a number of dummy versions of these items using the mail to a country that is a known transshipment point for terrorist organizations and foreign governments attempting to acquire sensitive technology. Due to the large volume of packages being shipped overseas, and large volume of people traveling overseas, enforcement officials within the United States said it is impossible to search every package and person leaving the United States to ensure sensitive technologies are not being exported illegally. As a result, terrorists and foreign governments that are able to complete domestic purchases of sensitive military and dual-use technologies face few obstacles and risks when exporting these items. The table below provides details on several of the items GAO was able to purchase and, in two cases, illegally export without detection.
    [Read More…]
  • Secretary Antony J. Blinken With Mike Allen of Axios on HBO Max
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Chinese National Sentenced to More than Three Years in Federal Prison for Attempting to Illegally Export Maritime Raiding Craft and Engines to China
    In Crime News
    A Chinese national was sentenced Wednesday to three years and six months in in federal prison for conspiring to submit false export information through the federal government’s Automated Export System and to fraudulently export to China maritime raiding craft and engines, and attempting to fraudulently export that equipment in violation of U.S. law.
    [Read More…]
  • Deputy Secretary of State Wendy Sherman’s Visit to Cambodia
    In Crime Control and Security News
    Office of the [Read More…]
  • Food Safety: CDC Could Further Strengthen Its Efforts to Identify and Respond to Foodborne Illnesses
    In U.S GAO News
    The roles and responsibilities of the Centers for Disease Control and Prevention (CDC) during a multistate foodborne illness outbreak include analyzing federal foodborne illness surveillance networks to identify outbreaks, leading investigations to determine the food causing the outbreak, and communicating with the public. CDC also works to build and maintain federal, state, territorial, and local capacity to respond to foodborne illness outbreaks by awarding funds to state and local public health agencies and through other initiatives. In identifying and responding to multistate foodborne illness outbreaks, CDC faces challenges related to clinical methods and communication, and it has taken some steps to respond to these challenges. One challenge stems from the increasing clinical use of culture-independent diagnostic tests (CIDTs). CIDTs diagnose foodborne illnesses faster and cheaper than traditional methods, but because they do not create DNA fingerprints that can specify a pathogen, they may reduce CDC's ability to identify an outbreak. A CDC working group recommended in May 2018 that CDC develop a plan to respond to the increasing use of CIDTs. By developing a plan, CDC will have greater assurance of continued access to necessary information. CDC also faces a challenge in balancing the competing needs for timeliness and accuracy in its outbreak communications while maintaining public trust. CDC has an internal framework to guide its communications decisions during outbreaks, and it recognizes that stakeholders would like more transparency about these decisions. By making its framework publicly available, CDC could better foster public trust in its information and guidance during outbreaks. CDC has taken steps to evaluate its performance in identifying and responding to multistate outbreaks. Specifically, CDC has developed general strategic goals (see fig.) and taken initial steps to develop performance measures. However, CDC has not yet established other elements of a performance assessment system—an important component of effective program management. CDC's Use of Elements of Program Performance Assessment Systems In particular, CDC has not set specific performance goals, used performance measures to track progress, or conducted a program evaluation of its multistate foodborne illness outbreak investigation efforts. By implementing all elements of a performance assessment system, CDC could better assess its progress toward meeting its goals, identify potentially underperforming areas, and use that information to improve its performance. CDC has estimated that each year, one in six people in the United States gets a foodborne illness, 128,000 are hospitalized, and 3,000 die. CDC data show increases in the number of reported multistate foodborne illness outbreaks—groups of two or more linked cases in multiple states—in recent years. Such outbreaks are responsible for a disproportionate number of hospitalizations and deaths, compared with single-state outbreaks. GAO was asked to review CDC's response to multistate foodborne illness outbreaks. This report examines (1) CDC's roles and responsibilities, (2) challenges that CDC faces and the extent to which it has addressed these challenges, and (3) the extent to which CDC evaluates its performance. GAO reviewed agency documents and data; conducted site visits and case studies; and interviewed federal, state, and local public health officials, as well as representatives of stakeholder groups. GAO is recommending that CDC (1) develop a plan to respond to the increasing use of CIDTs, (2) make publicly available its decision-making framework for communicating about multistate foodborne illness outbreaks, and (3) implement all the elements of a performance assessment system. CDC concurred with all three recommendations. For more information, contact Steve D. Morris at (202) 512-3841 or morriss@gao.gov.
    [Read More…]
  • Robstown man gets huge sentence for sexual exploitation of a child
    In Justice News
    A 53-year-old local man [Read More…]
  • Joint Statement on the C5+1 Ministerial during UNGA 76
    In Crime Control and Security News
    Office of the [Read More…]
  • Bank Julius Baer Agrees to Pay More than $79 Million for Laundering Money in FIFA Scandal
    In Crime News
    Bank Julius Baer & Co. Ltd. (BJB or the Bank), a Swiss bank with international operations, has admitted today in federal court in Brooklyn that it conspired to launder over $36 million in bribes through the United States to soccer officials with the Fédération Internationale de Football Association (FIFA) and other soccer federations, in furtherance of a scheme in which sports marketing companies bribed soccer officials in exchange for broadcasting rights to soccer matches. The proceeding was held before U.S. District Judge Pamela K. Chen.
    [Read More…]
  • Iran Travel Advisory
    In Travel
    Do not travel to Iran [Read More…]
  • Russian National Extradited to United States to Face Charges for Alleged Role in Cybercriminal Organization
    In Crime News
    A Russian national, residing in the Yakutsk region of Russia and in Southeast Asia, had his initial appearance in federal court today after his extradition from the Republic of Korea to the Northern District of Ohio to face charges for his alleged role in a transnational, cybercriminal organization.
    [Read More…]
  • Judiciary Seeks New Judgeships, Reaffirms Need for Enhanced Security
    In U.S Courts
    The Judicial Conference of the United States, the Judiciary’s policy-making body, today addressed two of its most pressing issues – a proposal to add 79 new judgeships for courts across the country and initiatives to improve both personal and courthouse security.
    [Read More…]
Network News © 2005 Area.Control.Network™ All rights reserved.