Internaut: DHS provides a lesson for large-scale IT deployments
Shawn P. McCarthy
Read between the lines of the July announcement of the Homeland Security Information Network-Secret and you'll discover two interesting lessons. One is about the challenges faced by government IT managers when they attempt to build a secure nationwide data network. The other is how to do a quick work-around when problems are encountered.
First, a little history. In April 2004, the Homeland Security Department announced a plan to build a Homeland Security Data Network. The plan was (and still is) to consolidate five legacy wide area networks inherited by DHS. Two important deliverables were the elimination of any dependence on networks external to DHS, plus securing a portion of the network for classified data transmission. It's potentially a $350 million-plus project if all options are exercised by the end of 2005.
But the project fell behind schedule. Three months ago, DHS acting inspector general Richard L. Skinner questioned whether proper security standards and policies were in place. Some DHS agencies had yet to be connected to the new network, and culture clashes bubbled up when it came to sharing classified information.
Besides providing secure communications for DHS employees, a key operational task for the HSDN was to create a secure data path to as many as 600 federal, state and local agencies in order to share classified information as needed. And that's where things have grown even more complicated.
Besides the challenge of refereeing disputes over local jurisdictional control and system access, few local police departments and emergency crews have networks capable of highly secure communications. While most networks today can create secure connections and handle encrypted data, a truly secure network requires much more, starting with a solid, widely implemented public-key infrastructure.A stopgap measure
Enter the new HSIN-Secret, which is more a stopgap measure than anything else. Available internally to thousands of DHS employees, its initial roll-out to state and local participants is being facilitated via dedicated notebook computers sent to 50 state emergency operations centers, plus several state and local law enforcement stations.
The lesson: To coordinate participation and bypass the systems of those outside your chain of command, sometimes it's easier to build and deploy the system yourself, providing all the necessary hardware, software and access permissions. Matthew Broderick, director of the Homeland Security Operations Center, recently told Congress this approach offers quick deployment of an 'inexpensive and temporary' solution allowing DHS to meet the challenge of classified information distribution. DHS plans to fund additional workstations and thousands more secret clearances for local officials or contractors.
As for the challenge of further consolidating DHS operations, the department has developed its own enterprise architecture and recently announced plans to merge 20 portal systems and about 150 Web sites into a single enterprise portal serving the full agency. That's ambitious, considering the HSDN isn't yet fully deployed.
The larger issue for ongoing consolidation will be content management, as well as the task of properly tagging all data so that it's both easily indexed and distributed, yet tightly controlled when it's classified. That remains a huge task and the process is likely to be slower than anticipated.Shawn P. McCarthy is senior analyst and program manager for government IT opportunities at IDC of Framingham, Mass. E-mail him at firstname.lastname@example.org.