About five years ago, many law enforcement officials wondered if the cloud was safe enough to hold their data. Now the FBI, the nation’s top law enforcement agency, is considering a move to a large-scale, commercial software cloud provider.
The FBI’s Office of the Chief Information Officer (OCIO) is conducting market research via a Request for Information (RFI) to better understand commercial cloud capabilities. And, in accordance with the government’s “Cloud First” policy, the FBI is seeking ways to optimize the tools, functions, capabilities, security risk management, and products that can support multiple business processes and architectures within the FBI’s enterprise systems.
The OCIO has identified cloud technologies as a key enabler to simultaneously solve two challenges in supporting the mission: hosting and managing big data and enabling IT operational excellence. To that end, OCIO thinks cloud computing will allow the FBI to efficiently manage, operate and run a very large-scale computing infrastructure to deliver the capacity, availability, and performance that will permit end users to focus on mission accomplishment.
Other Federal law enforcement such as The Bureau of Alcohol, Tobacco, Firearms, and Explosives (ATF), are moving to become a 100 percent cloud-enabled agency, and more agencies will seek better understanding of how cloud computing will help their agencies operate more efficiently and deliver better citizen services, to comply with the cloud first policy.
ATF plans to shut down one of its major data centers in West Virginia in about 12 months. The bureau uses both the public and the private cloud and plans to use as much open source information as possible. The agency uses multiple cloud platforms because it wants to put the right application on the right platform.
“It’s a bit of a journey at the moment,” Walter Bigelow, Chief of the IT Systems Management Division in the Office of Science and Technology at ATF, said at MeriTalk and NetApp’s Cloud Connect on Nov. 8, 2017. “We will see some solid benefits out of making this move.”
The FBI’s move to the cloud should pave the way for more state and local law enforcement agencies to make that transition, said Paul Wormeli, head of Wormeli Consulting, and Executive Director Emeritus of the Integrated Justice Information Systems Institute (IJISI).
“If the FBI does get into the cloud with its systems, that will give an imprimatur of acceptance for a lot of local law enforcement,” said Wormeli. “If the FBI is doing, it must be all right.”
Five years ago, the law enforcement community’s major concerns about moving to the cloud included cloud reliability and availability, performance requirements, costs of migration, and the recovery of data, according to an IJISI report entitled “Mitigating Risks in the Application of Cloud Computing in Law Enforcement,” written by Wormeli.
What a difference five years can make, Wormeli said. Several things occurred that have made law enforcement more comfortable with the cloud. Those factors include:
- Cloud companies have pushed for stronger reliability standards
- Major players such as Amazon Web Services, Google, and Microsoft have launched cloud platforms with a government focus as well as secret regions that can operate workloads up to the Secret U.S. security classification level
- The Federal government launched FedRAMP, a government-wide program that provides a standardized approach to security assessments, authorization, and continuous monitoring for cloud solutions, products, and services
- Computer-aided dispatch and record management software is moving to the cloud
- More cloud brokers exist that can tie together multiple clouds
The FBI is looking to acquire Platform as a Service (PaaS) and Software as a Service (SaaS) offerings from established cloud service providers with an existing, large-scale commercial offering that can provide on-demand applications, broad network access, and resource pooling to support multiple government agencies. In addition, the cloud platform must meet intelligence community security requirements for handling secret data, assuring high availability, and providing significantly more cost-efficient computing than traditional approaches.