May 04 2011

The FedTech Interview with Richard Spires

FedTech talks with the CIO, Homeland Security Department

Passions run deep, even in IT. Just ask Richard Spires. He has one for data center consolidation.

As CIO for the Homeland Security Department, it's a focus for him within DHS. But Spires also has taken on the role of consolidation advocate on the federal CIO Council at the behest of White House CIO Vivek Kundra.

Passions run deep, even in IT. Just ask Richard Spires. He has one for data center consolidation.

As CIO for the Homeland Security Department, it's a focus for him within DHS. But Spires also has taken on the role of consolidation advocate on the federal CIO Council at the behest of White House CIO Vivek Kundra.

It's Spire's contention that consolidation — driven by standardization — empowers the IT department because of the efficiencies to be gained. Those savings can then be pumped back into innovation, mission-driven efforts and new initiatives.

Spires talked with FedTech Managing Editor Vanessa Jo Roberts about consolidation, why it pays to start with rationalization and other critical issues faced in the federal enterprise today.

FEDTECH: One of the things you often say is that you have a passion for data center consolidation. What is your goal within the Homeland Security Department and then beyond DHS?

SPIRES: At DHS, we don't just run a data center for the data center's sake. It's really about what I would call IT infrastructure rationalization, which is consolidating where it makes sense to consolidate. And it really does in our case.

We are working to consolidate more than 40 data centers. Some of them are small, but they still fit that definition of data center that we are using at the federal level — more than 500 square feet of raised floor where we have servers. We are really trying to drive that. Obviously, from a green perspective and from just a cost perspective, it makes sense.

But more important than that, in my mind, is the chance to drive IT efficiencies, to build our own private cloud capability. As called out in the White House 25-point plan for IT reform, we want to drive where that commodity IT is and drive as much efficiency and cost savings as possible, but still offer at least the same level of service, if not improved service.

That then frees up funds or resources to focus on those more mission-critical functions that we need to perform in IT. That way, we are really able to pour more resources into the business functionality or mission functionality that we need in DHS. So, it's really important to rationalize our IT infrastructure as much as possible, and data center consolidation is a big part of that.

Maybe that's where the passion comes from.

FEDTECH: The concept of consolidation is not new in federal IT. What's different now? What's going to make this more achievable or happen in a quicker fashion?

SPIRES: It's a good point, and it's not that this hasn't been tried before. So, what's different? I would say a couple of things.

One, you really do have administration support to do this, including from the White House. This isn't just about a few of the agencies or departments saying, "Oh, we really need to do this for our own efficiencies." The White House is pushing this very, very hard. They see it both from the standpoint of IT efficiency and also from the standpoint of sustainability and the energy savings part as well, which is important. That's one thing that I believe really is different.

The other thing is that the technology or the state of IT today is a bit different. We will see tremendous movement to cloud services, whether they are private cloud services — some of which we are trying and building here in DHS — or whether they leverage public cloud services. That in and of itself has inherent efficiencies that really can help.

The budget pressures are really the third aspect of this. I speak with most of the major departmental CIOs on a regular basis, and we are all feeling the same pinch. We are all looking at how we can drive cost efficiencies. And again, leveraging consolidation and leveraging cloud services is significant.

I think you are going to see the confluence of those three things come together, and that will really give us a chance to have a lot of success in making this happen.

FEDTECH: How is technology helping maintain or even expand services?

SPIRES: Standards, along with things like virtualization and the way software has been developed to support software as a service. We have seen a lot of the industry move to that kind of model.

Within DHS, there is an example. We are leveraging those things in a number of ways and have our own private cloud.

One is pretty simple: e-mail as a service. We are moving to that capability, and we are standing it up. We have awarded it to the service providers that run our enterprise data centers, with the idea that we are going to get out of having to administer the servers, the licenses, the software and having to worry about all that.

Essentially, we are going to buy it by the mailbox. It makes things a lot simpler for us from a contract standpoint when we get out from under the administration issues. Instead, we can redeploy those assets to what I would call strategic things — not that e-mail isn't important, it truly is, but it's also a commodity these days. So, that's one example.

Another example is that we're really building out the capability to have virtualization around things like our development and test environments, so that we are not having to build separate development and test environments as we stand up new programs. We can leverage this in a commodity way, using virtualization technology on stacks of software technology up to the middleware layer, and provision that much faster.

Photo: Gary Landsman
"I speak with most of the major departmental CIOs on a regular basis, and we are all feeling the same pinch. We are all looking at how we can drive cost efficiencies. And again, leveraging consolidation and leveraging cloud services is significant."

It used to take six to eight months for us to stand up a development and test environment — by the time we ordered the servers, got them installed, put the software on, got it all working. If we already have all that in place virtually, we can now turn on things in a week or two for a new application or a new program. That's a huge savings for that program as far as time. That's the kind of model we are moving to.

To an extent, that's production. Why does an organization in DHS need its own production set of servers if we can offer it on a virtual stack of technology? That's a different business model than what we have worked with in the government for a long time, and a very big paradigm shift. But I think a very good one because, over time, that will help us drive standardization as a commodity up to the middleware layer. It will help us drive programs to be standardized where they should be, at the infrastructure layer.

FEDTECH: Does the cloud create a different job for IT in explaining the technology model to program managers and getting buy-in?

SPIRES: Sure. It's a big cultural shift for everyone, and it's not an easy one. We are now getting people flocking to this. They want to be part of this. But you have to build up that trust that you can deliver. You have to have some successes behind you that show you can deliver. And I don't think there is any getting around that.

People are not going to turn over their mission-critical systems to you in a cloud environment — whether it be your own private cloud or a public cloud — unless they have a high degree of confidence in your being able to provide that service. There is a change management process you have to go through.

I think that will accelerate as these services become more pervasive, and more standards become available. But already you are starting to see those barriers start to fall away, actually.

The Federal Risk and Authorization Management Program will be a big impetus too because the other thing everybody brings up is the security. And to the degree that we can get FedRAMP working so that a lot of these services will have a C&A [certification and accreditation] in place, or I should say an ATO [authority to operate] in place that's blessed by, let's say, the Defense Department, DHS and the General Services Administration. Then, I think a lot of the other agencies will take the security on faith.

FEDTECH: How do you decide what can move into the cloud? How do you decide between public and private clouds? Are there legacy data and systems that may never make the shift?

SPIRES: We are going to have all three of those situations. Each agency is going to have to make its own decisions on this. I don't think there is a one-size-fits-all answer.

DHS, as you can imagine given the nature of our mission, is going to have a lot driving to our own private cloud. We will certainly have legacy that won't fit well into that cloud environment. Although, to the degree we can virtualize, we want to do that — even for our legacy applications.

What I think will happen is that as public cloud offerings get established and FedRAMP gets established, the price points are going to be so compelling that you are going to see a shift more and more to the public cloud options.

At DHS, we are going slowly into the public cloud. We are looking to move our public-facing websites with public-facing data into a public cloud environment because it's compelling from a price perspective.

Where do we start moving things that are more sensitive? I think once FedRAMP is established and once we have some confidence in it, we will start to look at moving those applications not having highly sensitive data. I am not wedded to just our own private cloud or our own enterprise data centers.

I want to foster that kind of competition for DHS so that we can get those compelling price points, whether internally or in a public cloud. We are only going to get a real sense of competition by being willing to move things to the public cloud as we have more confidence in the security.

FEDTECH: Another hot security area for agencies is mobility and being able to push as much capability out to the endpoint as possible. What tools are emerging to help you with that?

SPIRES: As you can imagine, we have got a lot of field-based personnel, and they are pushing really hard to leverage newer devices, whether they be the PDA devices, the tablets, the newer phones — even wanting to get into 4G technology on the broadband side for voice and for data. We are looking at all those things. We are running pilots in all of these areas.

I can't say that we have made key decisions about where we are headed with products and the like. Let me say this, though, as an example: We are going to definitely be a big user of tablet technology. What we are doing right now is running pilots with different types of tablets and the big issue — and you said it — is security.

We want to make sure that from a security perspective, we have the same level of device security that we would if that device was sitting on our desktops. That's big for us. The reason we are running all these pilots is to figure out what's the best way to make sure that we keep the security architecture in place, yet still be able to deliver that additional capability to the end user.

That's a tough balance that we have to strike because we are not going to publicly let certain devices onto our network that don't meet our security requirements.

FEDTECH: How do you describe your role as CIO at Homeland Security?

SPIRES: My role has both a strategic as well as an operational component to it.

On the operational side, first, my office supports a lot of enterprise initiatives such as the Enterprise Data Center Consolidation initiative, and I will preside over enterprise data centers. We also support all of headquarters and a number of the components that reside in headquarters from the standpoint of day-to-day IT support. So there is that kind of operational element to the job.

The other — and in my mind, the most important — part is the strategic element. Which is, how do we make sure that we effectively utilize the resources that we have for IT in the order of $6.5 million a year to help effectively drive the mission and business of DHS?

FEDTECH: Is there a connection between data center consolidation and strategic IT management?

SPIRES: It's somewhat aligned. I won't say an absolute alignment because we do operate mission-critical applications as well. But generally, yeah, there is an alignment there. The degree that we can standardize the operations as much as possible, and get them running very well and consolidated and efficient, frees up more money and more resources for us to focus on the more strategic aspects of our role and helping the mission.

FEDTECH: Do you think the job as CIO at DHS has changed since the government formed the department?

SPIRES: Well, having talked to all my predecessors, I would say the answer is definitely yes. Early on, I mean, I kind of felt for [DHS' first CIO] Steve Cooper because he had a hard job of just trying to make sure that the LAN worked, and you could get access, and you could write e-mail. Steve is the one who actually said that working at the department in the beginning was like trying to change the tires on the airplane while it was flying.

That's the nature of a startup, where you have real immediate on-the-ground needs for people to build things so they can do their work. You are in that firefighting, very tactically oriented role as you start. I do think the job has evolved.

I hope I have been building on the shoulders of those that have gone before me, and I am sure whoever comes after me will build on mine in the sense of maturing what we are doing and improving our capacities to better support the strategic role that we need to play.

I would say that I have seen, even in the 18 months since I came on board, a bit of a shift. I am doing less and less of that operational work, which is good, and more and more of the strategic work. We are strengthening the organization to be able to do that. And I think that's a real positive step.

FEDTECH: What about innovation? DHS is a huge agency full of really interesting programs. How do you bring innovation up and take advantage of it across the agency?

SPIRES: On the one hand, you want standardization as much as you can on the infrastructure layer. Then people say, "Oh, that's going to cut innovation." But I would argue just the opposite is true.

We have a lot of the innovations in the applications themselves and in new end-user devices.

Another point about innovation, which I think is critical, is that I am really trying to push the department to look across its bureaus and do a lot more portfolio types of governance and analysis. Instead of looking at it strictly by the organizational structure — the Coast Guard, Transportation Security Agency, Federal Emergency Management Agency and the like — we should look at it from a DHS-wide view.

For instance, we do screening in this department in many different ways, of both people and cargo. We should look at that cross-cut, and look at where we want to be in screening five years down the road, and what innovative technologies or methods are evolving in the marketplace. We should also get our Science and Technology Division more integrated into that process, along with the operators in the field or from the organizations that do screening as well.

We have got to bring people together in a way that the department doesn't do enough of in my view. That fosters true innovation, because a lot of what's going on is somebody in a particular component doing something out in the field that's very innovative really helps. But how does that see the light of day?

FEDTECH: When you look at the work you are doing in your own office, in your own portfolio, how do you measure success for yourself?

SPIRES: I measure success by my ability to impact the department, not so much my success in my own area. Are we driving these strategic changes within the department? How are we implementing IT for the environment and also rationalizing that IT infrastructure for the department?

That's how I am measuring success.

And one last point, how are we building the skill set within IT in this department and in the federal employee base? You have got to position for the future.

<p>Photo: Gary Landsman</p>