recommended reading

Hacker Fears Have Frustrated Efforts to Downsize Dot-Gov Sprawl

Simon Booth/

Concerns about data compromises are partly to blame for drawing out an effort to merge roughly 2,000 dot-gov websites, according to federal officials and internal emails. 

But officials say they are still committed to making government services and information easier to navigate, as the website consolidation initiative approaches its three-year anniversary.

Combining National Oceanic and Atmospheric Administration website content with content from the Coast Guard illustrates the trickiness. The Coast Guard, a Homeland Security Department agency with a dot-mil suffix, is more of a bull’s eye for hackers than NOAA, officials say.

USCG employees shy away from sharing data with other agencies, one information technology employee complained on the government's Web content managers listserv in 2012. Nextgov retrieved the message, with the employee’s name redacted, through an open records request. 

The Coast Guard staff "are security maniacs because hackers like to target them," wrote a NOAA web manager in the Office of Space Commercialization, which is part of the Department of Commerce.

"I tried to syndicate RSS feeds from the CG server to the DOC server. It didn't work because DOC blocks external content, and the DOC guys said no way even when I explained that CG is rabid about security and that I control the content on their server. How are we ever supposed to avoid duplication of content if content cannot be shared?" the manager questioned.

Coast Guard officials acknowledge that personnel are worried about protecting their information when linking to other agencies’ machines. 

Each agency official responsible for a Web system "is of course concerned with protecting their networks and systems," Coast Guard spokeswoman Lisa Novak said. "One significant challenge is sharing data between separate domains such as .gov and .mil.  [The service] operates in the .mil environment and recent cyberattacks from applications that have an Internet facing component have sensitized [information technology] officials to closely monitor interconnections."

In June 2011, the Obama administration set a one-year goal to cut in half the government's 2,000 main dot-gov domains, such as and   

Around the time of the initiative’s two-year anniversary, Nextgov reported that, for the first time, there were fewer than 1,000 unique government domains.

Today, the number of separate sites has crept up to 1,223. Of those, about 305 are empty and redirect to another site, White House officials say.

Security Concerns

A reluctance to yield control of data frustrated the push to fuse some sites, the NOAA Web manager said. 

"IT managers are totally averse to downloading content to their network from an external network, no matter how secure that external network is," the manager said. "They cannot accept responsibility for viruses or malware getting into their network due to content syndication," through RSS feeds, for instance. 

The manager apologized for posting a long entry about an individual dilemma to the whole listserv, but reasoned other officials were experiencing the same problem. 

"This is something that is really bothering me as I try to implement the Web consolidation initiative on only two of the sites that I manage. Now multiply this by hundreds of government sites . . . without the right technology solutions, I start to wonder if we're really improving the federal Web or making it worse," the manager said.

The governmentwide initiative began with a three-month freeze on all new dot-gov websites to get a handle on the extent of webpage sprawl. Administration officials described the effort as a first step in fulfilling a June 13, 2011, presidential executive order to cut waste and streamline government operations. 

The emphasis was more on streamlining Internet operations than cutting waste.  The cost of maintaining some sites is relatively small, officials admitted.

To minimize the risk of breaches, Coast Guard officials sign a formal "interconnect security agreement” with partner agencies, Novak said. And before doing so, each USCG agency reviews the security posture of the other agency.

Novak could not address the specific ordeal the NOAA Web manager portrayed. She said the comments are vague in terms of identifying specific websites, systems and networks. In general, the Coast Guard "shares data and enjoys service that NOAA provides for several applications," Novak said. "We are currently exchanging data with our NOAA partners."

NOAA spokesman David Miller declined to speak about the manager’s troubles.  "NOAA continues to make consolidating websites a priority across the agency, but we cannot address specific security issues,” he said.

White House officials said the Office of Management and Budget works with agencies to ensure that security issues surrounding website mergers are handled in a timely manner. By law, agencies must make risk-based decisions regarding how to secure their own IT assets, they added.  

Officials said the public is welcome to track progress on the downsizing effort through a regularly updated chart on

(Image via Simon Booth/

Threatwatch Alert

Stolen laptop

Wireless Heart Monitor Maker to Pay $2.5M Settlement to HHS After Laptop Stolen

See threatwatch report


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.


When you download a report, your information may be shared with the underwriters of that document.