safegov cloud and law enforcement event - 31jan13
DESCRIPTION
Describing ATF's efforts and experiences in cloud and IT-as-a-serviceTRANSCRIPT
Law Enforcement and Cloud Services: A Case Study Rick Holgate Assistant Director for Science & Technology / CIO
Bureau of Alcohol, Tobacco, Firearms & Explosives (ATF)
@rickholgate
Inflection Point
Yesterday Today Tomorrow
Enterprise Platforms
Services & Standards
Closed
Open
Mobile Device Shipments
(Mobile) Bandwidth
Cloud Services
Connected People & Things
ATF: Our Mission and Services
Law Enforcement Operations:
Violent Crime
Firearms
Arson & Explosives
Alcohol & Tobacco
Public Safety Services • Emergency Support Function (ESF) #13 • Firearms and Explosives Licensing and
Other Industry Services • Firearms Tracing • National Integrated Ballistics
Information Network (NIBIN) • National Center for Explosives Training
and Research (NCETR) • United States Bomb Data Center • Terrorist Explosives Device Analytical
Center (TEDAC) • ATF Laboratories • Financial Investigations • Collaboration and Partnerships
ATF Organizational Snapshot (round numbers)
2,450
800
1,650
Personnel
Special Agents
Industry Operations Investigators
Other Professional Staff
$890
$240
$23
Resources ($M)
Firearms
Arson and Explosives
Alcohol and Tobacco
5
Some Critical ATF IT Initiatives: Supporting Unique National Services…
eTrace
eForms / Firearms Information System Modernization (FISM)
Enterprise Standard Architecture (ESA) III ESA IV
Improved Firearms Trace Information Sharing
Laboratory Information Management System (LIMS)
Digital Evidence Collection System (DECS)
Fire and Explosives Research Modernization
Ballistics Imaging Modernization … “eFirearms”
Intelligence Driven Policing Initiative (IDPI)
Next Generation Case Management (NGCM)
Optimization of Enterprise Mobility
Today
Future
…in an environment of constrained resources
From an IT Perspective…
Our Priorities
Integrate and expose
our mission data Reengineering legacy systems and data to achieve a service-oriented environment
Refine and advance
our infrastructure Exploring new models to maximize efficiency
Support our mobile
workforce Providing the right set of tools and capabilities
ATF: A History of Services
1997: Desktop Outsourcing
• Enterprise Standard Architecture, ESA
2003: Interdepartmental HR System
• HRConnect, Department of the Treasury
2008: Application Hosting (ESA)
2011: Shared Financial Management
• DOJ Unified Financial Management System (UFMS)
2013: Cloud Email and Collaboration
• Microsoft Office365
8
IT as a Service
Today Seat management (ESA III)
Human resources (HRConnect)
Financial management (UFMS)
Learning management (LearnATF/LearnDOJ)
Tomorrow Email / collaboration
Video / digital media management (DECS)
User experience – devices / desktops (ESA IV)
Application hosting / application services (ESA IV)
Property management
Mobile device management
Why Cloud Email?
Greater capabilities
• Provides larger mailboxes
• Includes robust collaboration tools
Improved archiving and discovery
Improved availability
• Geographic redundancy
Better pricing
Aligned with Federal CIO priorities
• Shared First, Cloud First, PortfolioStat
10
DOJ/ATF “Must-Move” Cloud
Initiative Best-in-Industry email and collaboration services at reduced life-cycle cost = Cloud First
DOJ enterprise agreement leveraged with intent to simplify acquisition of services = Shared First
ITAR under negotiation with DOJ and vendor since November 2011 (inspection, security, exit clause, change management)
OMB commitment for significant progress by June 8, 2012
Migration timeline: 30 weeks from Contract Signing
Office365 service offering includes:
• Exchange Online
• SharePoint Online
• Lync Online
• Data Archival and eDiscovery
Cloud Email/Collaboration
Key Issues include:
• Major paradigm shift for acquisitions, legal, IT staff, and security
• Disconnects in email Records Retention policy vs. legal eDiscovery requirements
• Archival and storage of over 200 TB of personal archives and mail related data
• Enterprise Identity Management solution is a key prerequisite
• Information and Content Governance must be defined prior to deployment
• Cloud Computing initiatives have already outpaced FedRAMP
Major Steps for Migration
• Contract Award [week 0]
• Scope-Lock [weeks 1-4]
• Environment Build-out (on-premises and in Cloud) [weeks 5-25]
• Pilot Migrations [weeks 26-29]
• Certification and Accreditation [weeks 15-29]
• Service Ready – Migrate all mailboxes [weeks 30-32]
• Deprovision on-premises environment [weeks 33-40]
Accomplishments to Date
• June 2012: Issued Task Order for Office365 Services on DOJ enterprise agreement
• On-Premises Active Directory and Public Folder clean-up
• Requirements defined and “Scope-Lock”
• Network circuit ordered, tested, and activated through JUTNet
• Test machines, service accounts, DNS forwarding, etc.
• Initiated Background Investigations for 150 support staff at Public Trust High (60 needed by 3/27 – 25 waivered or fully adjudicated as of 1/25)
• Initiating user awareness and adoption planning
• Proofpoint Archive and eDiscovery Roles definition
13
Risks
Schedule: • Schedule delayed until network connection approved • Target Pilot (Service Ready) March 27th • Validation of Services 3-4 weeks to ATO • Bureau-wide migration over 2 weeks
Features and Services: • Certificate Based authentication (Mobile Devices) • MDM Upgrades – Good and AirWatch • Proofpoint Archive data conversion and import
Background Investigations: • 125 needed for operational state • 17 @High; 23 @Moderate; 93 in progress • 150 total submitted; 50 explicitly denied
Current Challenges
• Background Investigation of Microsoft Operational Team (60 needed for pilot; 125 needed for full operational state)
• Network Ports and Firewall Rules validation
• ESA IV Transition timing and IT Staff Preparedness
• MDM Upgrades needed for Office365 compatible versions (Good and AirWatch)
• ATF Active Directory synchronization via MMSSPP
• Proofpoint data conversion and import (separately funded and executed)
• Security Certification and Accreditation
• Enterprise Content Governance Policies and Procedures
15
Lessons Learned
The reality of “Cloud”
• Private/dedicated
• Evolving baseline
Personnel security factors
Security controls
• Consistency
• “Medium” vs. “High”
• Real vs. Aspirational
Expected Results
Better, more cost-effective services for ATF
Proven solution for DOJ
Validated through FedRAMP
Available to other customers (Federal, state/local, commercial, …)
Questions?
Rick Holgate Assistant Director for Science & Technology / CIO
Bureau of Alcohol, Tobacco, Firearms & Explosives (ATF) @rickholgate