Why can't DOD consolidate?

Featured eBooks
The State of Trust in Government
Cybersecurity in State and Local Government
Building Data Literacy in the State and Local Workforce
By Kevin McCaney
 

Connecting state and local government leaders

By Kevin McCaney

|

Readers responding to our coverage of Defense Secretary Robert Gates’ plan to cut $100 billion from the defense budget over the next five years discuss the potential obstacles to DOD IT consolidation.

No one assumes that the Defense Department’s goal of a common operating view will be easy to achieve, if it can be done at all. But what’s standing in the way?

Readers responding to our coverage of Defense Secretary Robert Gates’ plan to cut $100 billion from the defense budget over the next five years – in which he mentioned the costs of decentralized systems – have a few ideas.

“Consolidation is doable where the organizational and cultural will is there," wrote LakeMD, who went on to say that it could be accomplished. "The problem is nobody is willing to give up its program funding until the ‘man in charge’ makes the hard decisions. To be successful, a comprehensive review of the interests of stakeholders (Military Industrial complex, Military Service arms and the State Side Guard/Reserves) will help establish current resources and assets.

Related stories:

Gates’ planned cuts will make only a small dent, analysts say

Gates wants DOD IT consolidation, but the past isn’t encouraging

“Inventorying followed by a genuine effort to achieve accurate labeling and classification of enterprise data and traffic in tiered stages can point the way to a functional and security-efficient infrastructure spread across the globe. Examples of Enterprise Services that must be consolidated to achieve vital mission objectives: IP Address Space Management, Federated Identity Management, Enterprise Messaging and Classification Services, Enterprise Applications and Web Services Architecture. Buried within all this in Steganography will be Strategic Planning, Doctrine and Mission Planning. The objective for consolidating and improving services can definitely be achieved under the Gates plan.”

A reader in the Washington, D.C., suburbs also stressed the cultural challenge. “I was the Director of Security for the Single Agency Manager at the Pentagon in the mid-'90s. The intent then was to consolidate the IT and IT security at the Pentagon. It was a great concept. We discovered, though, that consolidating the IT is a lot more doable than the consolidating the IT culture in DOD. We were successful up to a point. If they can break through the rice bowls, the technology will be easy. Hope for the best.”

Another writer suggested that consolidation must come from the top: “It'll have to be mandated from [the presidential]/congressional level. It will never be done by consensus. Too many rice bowls. A [common operating environment] does not have to mean a monoculture for OS and hardware, which is a [single point of failure] for attacks. Best to start with a blank sheet of paper and build a new system, then start cutting people over and migrating legacy data. To do this correctly, though, DOD would also have to have a standard suite of business processes, datasets, reports, ad nauseam, as opposed to the 5+ sets of everything they have now. That change would be as hard as the software and hardware end.”

And Bill of Reston, Va., was succinct in describing one roadblock: “The current acquisition rules will never allow it.”

The security of consolidated systems was a concern for several readers. One took us to task for stating that a common environment would improve security. “What nonsense. If all of your systems are the same, attacking them becomes easier, not harder,” the reader commented. “A single vulnerability now exposes your entire network, not an isolated section. With the DOD's propensity to use Windows and with all of the zero-day vulnerabilities with ready tools for exploitation, it is just a way of saying to our enemies 'Come get our data, oh and during a critical operation, go ahead and knock are systems down.' … Before NMCI, when a break in occurred or a virus entered the system it might take down a single command. Now it takes down the entire Navy. It has already happened numerous times and will continue to happen until the Navy wakes up and smells the coffee!”

“The security risk of a consolidated and common operating system is that once a vulnerability is found, it can be exploited to gain even more information,” agreed another reader. “I don't think the risk is worth the estimated savings, especially when considering the bureaucratic tendency to overestimate savings and underestimate costs. Another aspect to consider: Will the government choice of IT operating system be instrumental in creating an illegal monopoly?”

“This has several points that I hope, but not holding my breath over, they considered in this process,” wrote another reader. “For the most part consolidation takes out redundancy! I have already experienced network outages that have taken out entire theaters because of one bad replication from a domain controller. Two, where redundancy goes, security also follows. This simplifies the intruders’ need-to-know list also when you cut everything down to one OS. Especially when the company who supplies the software has to give up the source code to other governments in order to do business in that country. Three, in order for this to truly work, some of the ‘higher-ups’ need to start looking into what the other branches of the government are using before creating something from scratch to get that ‘Gee-whiz’ bullet for their job rating. I mean why create a separate contract/facility/etc. in branch A if branch B is already doing it? “

Ken in St. Louis saw value in consolidation but saw other problems ahead. “Generally speaking, anyone in the IT field understands the value of consolidation simply due to cost savings. Additional value is added when you factor security as equally weighed as cost,” he wrote. “Nevertheless, we (DOD) are way out of control on the vast number of server farms we operate and maintain within our respective services. The logical next step would be consolidation as much as practical into [the Defense Information System Agency’s Defense Enterprise Computing Centers] but, as we all know, DISA operates on a working capital fund and charges a premium for their service. Based on a cost value principle, I have no incentive to relocate to a DISA-hosted facility until their prices are more competitive with widely accepted billing rates.”

And several readers questioned the cuts Gates has proposed.

“Secretary Gates is on one hand saying that we need to make everything common and on the other hand proposing that the sole organization within the Department of Defense dedicated to bringing about a common way of doing things, U.S. Joint Forces Command, be closed,” wrote one reader. “Make up your mind!”

“Some of his recommendations are contradictory and will have disastrous consequences down the road,” wrote another reader. “Freezing the civilian workforce was done about 10 years ago. The result is an aging workforce and no one ready for management as the gap caused by the hiring freeze left a big hole in the middle ranks where the next generation of management is grown and groomed. Even now we are short the middle group and use contractors. If contractors are cut back as well, there will be less capacity to deal with the problems.”

Another suggested a solution to the workforce question: “If Gates truly wants to save money, make it mandatory for those active military with 30 years or more of service to retire!!!! They also need to cut down on the civilian upper management and make it mandatory for the civilians to retire at 30 years also. These folks have already capped out on retirement with their top three years. Get rid of some of the dinosaurs and let some new ideas and expertise into the system.”





NEXT STORY: Gates' planned cuts will make only small dent, analysts say

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.