SafeGov Cloud and Law Enforcement event - 31Jan13


Published on

Describing ATF's efforts and experiences in cloud and IT-as-a-service

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

SafeGov Cloud and Law Enforcement event - 31Jan13

  1. 1. Law Enforcement andCloud Services:A Case StudyRick HolgateAssistant Director for Science & Technology / CIOBureau of Alcohol, Tobacco, Firearms & Explosives (ATF)@rickholgate
  2. 2. Inflection Point Services & Standards Open Mobile Device Shipments (Mobile) Bandwidth Cloud Services Connected People & Things Enterprise Platforms Closed Yesterday Today Tomorrow
  3. 3. ATF: Our Mission and Services Law Enforcement Operations: Violent Crime Firearms • • Public Safety Services Emergency Support Function (ESF) #13 Firearms and Explosives Licensing and Other Industry Services • Firearms Tracing Arson & Explosives • National Integrated Ballistics Information Network (NIBIN) • National Center for Explosives Training and Research (NCETR) Alcohol & Tobacco • United States Bomb Data Center • Terrorist Explosives Device Analytical Center (TEDAC) • ATF Laboratories • Financial Investigations • Collaboration and Partnerships
  4. 4. ATF Organizational Snapshot(round numbers) Personnel Resources ($M) $23 1,650 $240 2,450 $890 800 Special Agents Firearms Industry Operations Investigators Arson and Explosives Other Professional Staff Alcohol and Tobacco5
  5. 5. Some Critical ATF IT Initiatives:Supporting Unique National Services… eTrace Today eForms / Firearms Information System Modernization (FISM) Enterprise Standard Architecture (ESA) III  ESA IV Improved Firearms Trace Information Sharing Optimization of Enterprise Mobility Laboratory Information Management System (LIMS) Digital Evidence Collection System (DECS) Fire and Explosives Research Modernization Ballistics Imaging Modernization … “eFirearms” Intelligence Driven Policing Initiative (IDPI) Future Next Generation Case Management (NGCM) …in an environment of constrained resources
  6. 6. From an IT Perspective…Our PrioritiesSupport our mobile Integrate and expose Refine and advanceworkforce our mission data our infrastructureProviding the right set of tools Reengineering legacy Exploring new models toand capabilities systems and data to achieve maximize efficiency a service-oriented environment
  7. 7. ATF: A History of Services1997: Desktop Outsourcing• Enterprise Standard Architecture, ESA2003: Interdepartmental HR System• HRConnect, Department of the Treasury2008: Application Hosting (ESA)2011: Shared Financial Management• DOJ Unified Financial Management System (UFMS)2013: Cloud Email and Collaboration• Microsoft Office3658
  8. 8. IT as a ServiceToday TomorrowSeat management Email / collaboration(ESA III) Video / digital mediaHuman resources management (DECS)(HRConnect) User experience –Financial management devices / desktops (ESA IV)(UFMS) Application hosting /Learning management application services (ESA IV)(LearnATF/LearnDOJ) Property management Mobile device management
  9. 9. Why Cloud Email?Greater capabilities• Provides larger mailboxes• Includes robust collaboration toolsImproved archiving and discoveryImproved availability• Geographic redundancyBetter pricingAligned with Federal CIO priorities• Shared First, Cloud First, PortfolioStat10
  10. 10. DOJ/ATF “Must-Move” CloudInitiativeBest-in-Industry email and collaboration services at reduced life-cyclecost = Cloud FirstDOJ enterprise agreement leveraged with intent to simplifyacquisition of services = Shared FirstITAR under negotiation with DOJ and vendor since November 2011(inspection, security, exit clause, change management)OMB commitment for significant progress by June 8, 2012Migration timeline: 30 weeks from Contract SigningOffice365 service offering includes:• Exchange Online• SharePoint Online• Lync Online• Data Archival and eDiscovery
  11. 11. Cloud Email/CollaborationKey Issues include:• Major paradigm shift for acquisitions, legal, IT staff, and security• Disconnects in email Records Retention policy vs. legal eDiscovery requirements• Archival and storage of over 200 TB of personal archives and mail related data• Enterprise Identity Management solution is a key prerequisite• Information and Content Governance must be defined prior to deployment• Cloud Computing initiatives have already outpaced FedRAMPMajor Steps for Migration• Contract Award [week 0]• Scope-Lock [weeks 1-4]• Environment Build-out (on-premises and in Cloud) [weeks 5-25]• Pilot Migrations [weeks 26-29]• Certification and Accreditation [weeks 15-29]• Service Ready – Migrate all mailboxes [weeks 30-32]• Deprovision on-premises environment [weeks 33-40]
  12. 12. Accomplishments to Date• June 2012: Issued Task Order for Office365 Services on DOJ enterprise agreement• On-Premises Active Directory and Public Folder clean- up• Requirements defined and “Scope-Lock”• Network circuit ordered, tested, and activated through JUTNet• Test machines, service accounts, DNS forwarding, etc.• Initiated Background Investigations for 150 support staff at Public Trust High (60 needed by 3/27 – 25 waivered or fully adjudicated as of 1/25)• Initiating user awareness and adoption planning• Proofpoint Archive and eDiscovery Roles definition13
  13. 13. RisksSchedule:• Schedule delayed until network connection approved• Target Pilot (Service Ready) March 27th• Validation of Services 3-4 weeks to ATO• Bureau-wide migration over 2 weeksFeatures and Services:• Certificate Based authentication (Mobile Devices)• MDM Upgrades – Good and AirWatch• Proofpoint Archive data conversion and importBackground Investigations:• 125 needed for operational state• 17 @High; 23 @Moderate; 93 in progress• 150 total submitted; 50 explicitly denied
  14. 14. Current Challenges• Background Investigation of Microsoft Operational Team (60 needed for pilot; 125 needed for full operational state)• Network Ports and Firewall Rules validation• ESA IV Transition timing and IT Staff Preparedness• MDM Upgrades needed for Office365 compatible versions (Good and AirWatch)• ATF Active Directory synchronization via MMSSPP• Proofpoint data conversion and import (separately funded and executed)• Security Certification and Accreditation• Enterprise Content Governance Policies and Procedures15
  15. 15. Lessons LearnedThe reality of “Cloud”• Private/dedicated• Evolving baselinePersonnel security factorsSecurity controls• Consistency• “Medium” vs. “High”• Real vs. Aspirational
  16. 16. Expected ResultsBetter, more cost-effective services for ATFProven solution for DOJValidated through FedRAMPAvailable to other customers (Federal,state/local, commercial, …)
  17. 17. Questions?Rick HolgateAssistant Director for Science & Technology / CIOBureau of Alcohol, Tobacco, Firearms & Explosives (ATF)@rickholgate
  18. 18.