recommended reading

Hacker Fears Have Frustrated Efforts to Downsize Dot-Gov Sprawl

Simon Booth/

Concerns about data compromises are partly to blame for drawing out an effort to merge roughly 2,000 dot-gov websites, according to federal officials and internal emails. 

But officials say they are still committed to making government services and information easier to navigate, as the website consolidation initiative approaches its three-year anniversary.

Combining National Oceanic and Atmospheric Administration website content with content from the Coast Guard illustrates the trickiness. The Coast Guard, a Homeland Security Department agency with a dot-mil suffix, is more of a bull’s eye for hackers than NOAA, officials say.

USCG employees shy away from sharing data with other agencies, one information technology employee complained on the government's Web content managers listserv in 2012. Nextgov retrieved the message, with the employee’s name redacted, through an open records request. 

The Coast Guard staff "are security maniacs because hackers like to target them," wrote a NOAA web manager in the Office of Space Commercialization, which is part of the Department of Commerce.

"I tried to syndicate RSS feeds from the CG server to the DOC server. It didn't work because DOC blocks external content, and the DOC guys said no way even when I explained that CG is rabid about security and that I control the content on their server. How are we ever supposed to avoid duplication of content if content cannot be shared?" the manager questioned.

Coast Guard officials acknowledge that personnel are worried about protecting their information when linking to other agencies’ machines. 

Each agency official responsible for a Web system "is of course concerned with protecting their networks and systems," Coast Guard spokeswoman Lisa Novak said. "One significant challenge is sharing data between separate domains such as .gov and .mil.  [The service] operates in the .mil environment and recent cyberattacks from applications that have an Internet facing component have sensitized [information technology] officials to closely monitor interconnections."

In June 2011, the Obama administration set a one-year goal to cut in half the government's 2,000 main dot-gov domains, such as and   

Around the time of the initiative’s two-year anniversary, Nextgov reported that, for the first time, there were fewer than 1,000 unique government domains.

Today, the number of separate sites has crept up to 1,223. Of those, about 305 are empty and redirect to another site, White House officials say.

Security Concerns

A reluctance to yield control of data frustrated the push to fuse some sites, the NOAA Web manager said. 

"IT managers are totally averse to downloading content to their network from an external network, no matter how secure that external network is," the manager said. "They cannot accept responsibility for viruses or malware getting into their network due to content syndication," through RSS feeds, for instance. 

The manager apologized for posting a long entry about an individual dilemma to the whole listserv, but reasoned other officials were experiencing the same problem. 

"This is something that is really bothering me as I try to implement the Web consolidation initiative on only two of the sites that I manage. Now multiply this by hundreds of government sites . . . without the right technology solutions, I start to wonder if we're really improving the federal Web or making it worse," the manager said.

The governmentwide initiative began with a three-month freeze on all new dot-gov websites to get a handle on the extent of webpage sprawl. Administration officials described the effort as a first step in fulfilling a June 13, 2011, presidential executive order to cut waste and streamline government operations. 

The emphasis was more on streamlining Internet operations than cutting waste.  The cost of maintaining some sites is relatively small, officials admitted.

To minimize the risk of breaches, Coast Guard officials sign a formal "interconnect security agreement” with partner agencies, Novak said. And before doing so, each USCG agency reviews the security posture of the other agency.

Novak could not address the specific ordeal the NOAA Web manager portrayed. She said the comments are vague in terms of identifying specific websites, systems and networks. In general, the Coast Guard "shares data and enjoys service that NOAA provides for several applications," Novak said. "We are currently exchanging data with our NOAA partners."

NOAA spokesman David Miller declined to speak about the manager’s troubles.  "NOAA continues to make consolidating websites a priority across the agency, but we cannot address specific security issues,” he said.

White House officials said the Office of Management and Budget works with agencies to ensure that security issues surrounding website mergers are handled in a timely manner. By law, agencies must make risk-based decisions regarding how to secure their own IT assets, they added.  

Officials said the public is welcome to track progress on the downsizing effort through a regularly updated chart on

(Image via Simon Booth/

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.


When you download a report, your information may be shared with the underwriters of that document.