While the IC’s research organization looks into adding security to cloud environments, in the here and now, intelligence agencies are sharing more data.
How do the Defense Department’s IT operations and investments stack up against those of large private firms?
That’s a question DOD CIO Terry Halvorsen hears often, whether it’s cloud computing adoption or data center investments. These days, the department is focusing more attention on what industry is doing and how it can develop a fact-based approach for making sound comparisons between DOD and industry operations.
“What we’re doing right now is, I am trying to figure out where I should benchmark against industry, and in many of the business functions I absolutely should benchmark against industry,” Halvorsen said during a conference call on Wednesday.
“Again, I don’t think we’re going to get many absolutes,” he said. “Am I ever going to get out of the data center business? No”
But what Halvorsen hopes to settle is a question that other government CIOs also are trying to answer: Is that a business I should be in, and to what degree?
While the DOD may never get out of the data center business completely, the department is exploring alternative models for hosting and delivering military data, including commercial cloud arrangements and what Halvorsen refers to as data distribution centers, commonly known as data centers. He is particularly interested in public–private arrangements, in which vendors are allocated discrete floor/rack space inside DOD facilities.
Here’s what Halvorsen told lawmakers at a Feb. 25 House subcommittee hearing:
We may need your help in changing the business model, particularly in certain areas. We need to look at how we can expand private–public partnership, particularly in the area of gated distribution or data centers. How can I take, in my case, maybe a DISA data center, realign it into a more public–private partnership and get full value out of what can be commercial-rate improvements? I think we will need to work some legislation to make that easier for all of us to get done. We are continuing to approve the accounting procedures and have more transparency in our dollars. For example, we have added codes inside the department that actually show how much money is being spent on data centers and other key IT areas.
During the conference call this week, Halvorsen further explained that the biggest legal barrier around the public–private partnership seems to be restrictions on what can be sold if an organization is operating on a government installation, “where a government is giving you some set of either services or advantage.”
One concern Halvorsen raised is, if the DOD is providing physical security for an organization located on government property, does that give the company an advantage over other firms competing for work.
The department has already received proposals for what this type of model could cost, and the proposals are attractive, Halvorsen said. But the department would first need to determine if this type of arrangement violates current laws; review costs; consider what’s achievable; issue a request for information; and follow up with a research development pilot, he said.
Halvorsen’s goal is to issue an RFI this summer, but he acknowledged that the goal is ambitious.
As for the DOD’s cloud computing adoption, Halvorsen said the department is in the beginning stages. The DOD is tracking current investments and asking the tough questions about data liability and protection. “I think we’re about where any Fortune 50 company is today,” he said.
“I’m happy with where we are, but now I want to go faster, because I think we’ve got our baseline established,” he added.