While the IC’s research organization looks into adding security to cloud environments, in the here and now, intelligence agencies are sharing more data.
The Veterans Affairs Department has been winnowing away at its enterprise systems infrastructure for the past several years, collapsing multiple facilities into fewer total data processing operations, and offering cloud or cloud-like services to users from highly virtualized, highly available centralized data facilities.
During the GITEC Summit 2011 in Orlando, Fla., this spring, IT officials from the VA chatted with FedTech about their programs. Here are some tactical takeaways from Roger Baker, assistant secretary for information and technology, and Horace Blackman, central office CIO.
BLACKMAN: What we found when we had hospitals migrate to regional data centers was that the performance they experienced was actually significantly better in some cases than they had before.
There are a number of reasons for that. First, the infrastructure supporting the regional data centers versus the infrastructure that supported the hospital computers was vastly superior. We have full redundancy in terms of power, in addition to having backup generation at the data centers.
We have fully redundant data communication circuits supporting the data centers. And we used the migration to the regional data centers as an opportunity to upgrade a lot of the equipment.
BAKER: I came out of a highly regimented data center environment at Visa; I know what a well-run data center looks and feels like. When I walked into the VA and started asking for daily reports, one of the things that was very gratifying was that our corporate data center in Austin, Texas, was able to send me more information than I possibly wanted to know: daily change reports, authorization of changes and metrics on availability of their systems. We hadn't driven that across the VA yet at that point.
I am always amazed how little the government focuses on those things. Things that are standard practice for a high-performing data center organization don't normally happen in government, and that's why I was so pleased with what the Austin group was able to provide me.
We see availability on the bulk of the applications now reported on a daily basis across the organization. It's been challenging to get the metrics to the point where you can do an apples-to-apples comparison. But we are getting there — understanding what we are measuring and what we are not measuring.
We have made decisions to centralize things. If network latency were to slow down response time to the clinicians or to the benefits folks, that would be a big issue from our standpoint. There are a lot of things you have to measure to really understand what the pulse of a system is day in and day out.
It gets down to customer satisfaction. If the systems are always available and always doing what people expect and are sufficient and effective, ideally you never have any customer satisfaction issues.
BLACKMAN: We essentially run our own private cloud. The regional data centers serve the medical centers and some of the program offices across the VA as a virtual cloud.
We have a model right now through which we provide essentially cloud services across the department, and we do things such as research and business applications.
We provide requirements, the users provide us a service level and pay based on that service level. There's a negotiation, much as you would have with a cloud provider.
We have actually reached a fair level of maturity with that model, so there are discussions going on now about how we can leverage private clouds in certain instances. There may be [times] in the future where we look toward the private cloud to do things such as e-mail.
ROLL FILM: To hear more from Baker and Blackman about data center optimization, watch the FedTech video at fedtechmagazine.com/
BAKER: There is a very interesting thing about government, and I have had this experience from forcing two CIOs to share a data center. You can't sue another part of the government if they fail to perform on their service-level agreements — and they are going to put their mission ahead of your mission. So these arrangements are pretty interesting.
The arm's length contracting that we do with the private sector tends to give me a little bit more confidence than the same sort of thing inside of government. I know that if the contractor fails, I can either elicit substantial financial penalties or just leave them entirely. That's much harder to do from a governmental standpoint. That's an issue that we have to deal with as we move to sharing things across government. It's manageable, but it's not manageable in the same way that it is between the government and the private sector.