The Justice Department has a clear vision for where its technology is headed in the next few years, and it is squarely focused on driving innovation and enhancing cybersecurity at the same time.
In March, the DOJ released its “Information Technology Strategic Plan” for fiscal years 2019-2021, which outlines how the agency and its components will “better meet customer needs, enable innovation in technology, manage risk, and reduce costs by moving to new models of service delivery.”
The plan has four key goals:
- Continuously improve service delivery
- Effectively invest in technology
- Protect critical mission assets
- Build innovative capabilities
To get there, the plan calls for specific actions to transform the agency’s IT. Those include “delivering reliable and resilient systems and services, and timely and effective customer service”; allowing for “trust through communication and collaboration” across the agency’s technology environment; and moving to “standards to simplify and standardize technology.”
DOJ will also focus on improving the return on investment of IT assets; “reducing costs through shared services and strategic sourcing” of IT; enhancing security in particular areas, including access management and incident response and recovery; optimizing the agency’s ability to “share information and build enterprise data management capabilities as a collective and unified department”; and “supporting innovation and modernization to enable the DOJ mission.”
Cloud, Technology Simplification Are Key to DOJ’s Innovation Push
The agency says it will work to support reliable and resilient IT services that maximize use of cloud services, modernized on-premises applications and securely managed systems. It also plans to increase user productivity through the use of communication of collaboration tools by enhancing DOJ’s Email and Collaboration Services.
Over the next two years, the agency intends to fully complete the deployment of the ECS program, close and optimize its remaining data centers, and standardize IT support services in this arena.
“Cloud adoption is critical to achieving our objectives for these programs, and we will continue to migrate systems to the cloud over the next three years,” the plan states. For example, the FBI’s Next Generation Identification biometrics system will be hosted in the cloud, allowing on-demand access to law enforcement resources. Other DOJ components are also planning new or additional cloud services.
DOJ will also aim to foster strategic relationships with business partners to improve the way its IT shop does business and will work to integrate self-service processes through intelligence and automation to enhance customer support, the plan says.
Another key element of the DOJ’s plan is to standardize and simplify technology to become more efficient. “DOJ will continue to define and adopt technology standards to improve interoperability and avoid unnecessary short and long-term costs,” the plan says. “For example, many of our components are migrating to the cloud, and we must ensure we are working collectively to design standardized platforms that are scalable and are able to integrate across the enterprise.”
The agency says it will ensure open source alternatives to high-cost proprietary platforms and encourage reuse of any newly developed custom source code. “This makes it easier to conduct software peer review and security testing and to share technical knowledge,” the plan says. “These strategies will result in better aligned, integrated, and optimized service performance, and more efficient and modern systems from best-in-class service providers.”
DOJ Technical Reference Architecture, which provides agencywide technology standards to guide investment decisions, sharing of services and implementation of technology, will help in this regard, the plan notes.
DOJ to Focus on Protecting Critical Assets, Cloud Security
In terms of cybersecurity, the agency plans to conduct “robust and continuous monitoring and planning,” and increase its resiliency through enhancements to connectivity and recovery tools.
The agency also plans to improve its incident response through “rapid-response technology and automated detection and remediation” solutions. And it will also ensure “secure access to mission-critical information through strengthened identity and access management.”
As part of DOJ’s strategic enterprisewide view of risk that accounts for all critical business and mission functions, the agency is “focused on recovery, reconstitution, and continuity of operations for high value assets and mission essential systems.”
Two of DOJ’s most critical initiatives support these principles, the plan notes. The Justice Cloud-Optimized Trusted Internet Connection Service gives the agency “fully redundant, high-speed connections to the internet and direct links to cloud providers for high speed access to critical applications.”
DOJ will also continue to accelerate adoption of the ECS program, which uses “commercial cloud for high availability, automatic failover, and data synchronization for these services — making email, video conferencing, and document sharing capabilities accessible from any device, at any time.”
The agency also plans to deploy “a fully resilient, scalable network by increasing network capacity and high-speed access to our Core Enterprise Facilities and cloud services.” As part of this effort, the agency will “enhance connectivity, shorten provisioning time, simplify network complexity, reduce the number of firewalls, and increase bandwidth for field locations.”
Additionally, the agency will work to “enhance enterprise-wide incident response and invest in cyber hunt capabilities.”
“Incident response limits damage and reduces recovery time and costs to the organization, while cyber hunt capabilities will allow us to proactively identify and remediate cyber threats before they become major issues,” the plan says.
From an innovation perspective, the plan notes the DOJ intends to deploy new technology, including machine learning and advanced analytics. It will also seek to ensure “timely access to and use of reliable data for decision making” and give users more mobile solutions that can be accessed anywhere and anytime.