Journal of Homeland Security

Addressing National Security Concerns in an All-Hazards Threat Environment
May 2010

Kris Teutsch
Director, National Security Group, Microsoft Federal

Kris Teutsch is the Director of Microsoft Federal’s National Security Group. He has worked in this area for nearly 30 years, as a government employee, security consultant, and vendor.

Today, we face the nearly constant challenge of preventing, preparing, responding, and recovering in an all-hazards threat environment. To this end, secure and trusted information gathering, assessment, and sharing are critical across all levels of government and the private sector in order to protect our homeland and counter potential threats.

As national security leaders work to achieve secure transparency and interoperability, there are countless approaches that can be taken. However, this article will discuss only a few of the broader IT considerations that can be implemented. Our national security community must find ways to address the growing cyber-threats created from adversaries both old and new, implement strategies to maintain continuity during times of crisis, and find solutions to modernize our nation’s aging enterprise systems.

No matter how daunting the task is, we need to create secure, transparent, and interoperable systems.

Securing Cloud-Based Collaboration

For agencies that work day in and day out protecting our vital national interests at home and abroad, cross-agency collaboration has never been more critical. The imperative to collaborate has come together with the need to operate more cost-effectively by sharing information and information-processing resources.

Cloud computing promises to play a key role in aiding the national security community to facilitate collaboration by centralizing and consolidating infrastructure resources that support a more integrated approach to gathering intelligence and sharing analytical processes across agencies.

However, for all the efficiency cloud computing seems to guarantee, it presents an equal number of security concerns. The adoption of cloud services, including the continuing evolution of technologies and business models, creates a dynamic hosting environment, which is in itself a security challenge. Keeping pace with growth and anticipating future needs is essential to running an effective security program. Another security concern is that emerging cloud business models create a growing interdependence among public- and private-sector entities and the people they serve. Such organizations and their customers will become more interdependent through use of the cloud. With these new dependencies come mutual expectations that platform services and hosted applications be secure and available.

As cloud computing becomes more widely used, so do the attempts to infiltrate or disrupt online service offerings. While pranksters still seek attention through a variety of techniques, more sophisticated malicious attempts aimed at obtaining identities or blocking access to sensitive business data have emerged, along with a more organized underground market for stolen information.

To create a secure cloud computing environment, it’s important to address three areas.

The first focus should be on using a risk-based information security program that assesses and prioritizes security and operational threats to the business. The cloud computing environment should maintain a detailed set of security controls that mitigate risk, and it should include a compliance framework to ensure that controls are designed appropriately and operating effectively.

One such example of a secure cloud computing collaboration environment is fusion centers, which are usually jointly funded by federal, state, and local resources and are often located in heavily populated regions across the United States. For more information, see the section on Fusion Core Solution.

Maintaining Business Continuity During Crises

Natural disasters are becoming more frequent, growing more severe, and affecting more people than ever before. In a crisis, whether it’s manmade or a natural disaster, it is important for national security that organizations be prepared to sustain operations while the crisis is addressed, as well as during recovery. Preparing your agency to maintain essential functions during an emergency and through recovery requires a combination of planning, preparation, agility, and adherence to a continuity-of-operations (COOP) plan. In addition, communication is a focal point of both federal COOP mandates and recommendations at the ready.gov portal for agencies and businesses.

An effective COOP plan for your organization should help ensure continuous performance during an emergency and take advantage of familiar tools that can serve as immediate lifelines when disaster strikes. It’s important to also supply reliable communications and access to vital information for support agency staff and partner agencies so that they can work and collaborate from remote locations during a crisis.

Unified communications—the integration of real-time communication services (for example, instant messaging and video conferencing) with non-real-time communication services (for example, unified messaging)—plays an important role in improving COOP by providing the interoperability and mobility to enable workers to easily connect with the right people and organizations regardless of location or platform. In addition, unified communications enable organizations to maintain network and data security with interrelated encryption technologies that can help protect even highly sensitive data, regardless of location.

Unified communications also bring the national security community the capability to share information from remote locations using devices such as laptops, computer kiosks, and smartphones, and the ability to collaborate and respond rapidly from backup locations to emergencies such as natural disasters, terrorist acts, and disease outbreaks. Additional benefits of unified communications include accountability through the same technology used in the office, with a familiar and intuitive interface, and integration with Voice over Internet Protocol solutions that gives you the ability to pick up or reroute your desk phone and enable simultaneous ring to all team members from anywhere in the world that has connectivity.

It’s also important to note that unified communications solutions not only help in national security scenarios, but they also can help organizations reduce operating costs, consolidate infrastructure, and leverage human capital more effectively.

Another strategy to ensure COOP is to implement information and communication technology (ICT) solutions. ICTs allow users to participate in a rapidly changing world in which work and other activities are increasingly transformed by access to varied and developing technologies. They can play a key role in maintaining business continuity and worker productivity by keeping your organization’s workforce connected to the applications, data, and communications they need when disruptions prevent employees from reaching the office.

For example, ICT solutions can help first responders stay connected around the clock and get the information they need to collaborate and respond more effectively. By providing first responders with the tools for effective communication and collaboration to overcome challenges posed by distance, diverse languages, cultural differences, geographic barriers, international borders, and damaged infrastructure, ICT can help reduce the loss of life and property, reunite families, and alleviate human suffering.

As your organization works to establish its own continuity plan, some key ICT considerations must be addressed. Do end users have access to laptop or personal computers? Is there a comprehensive security solution in place to protect the infrastructure, assets, and users from various threats, while allowing end users to access what they need remotely from a variety of endpoints? Do all users have browser-based access to email? Audio and web conferencing? Are they trained? Do you have the servers to support a major shift to remote working? Do the Internet service providers have the bandwidth to support that?


Figure 1: An example of an easily manageable system that allows all COOP information to reside seamlessly on users’ computers (backup, home, or other), ensuring that users have the information needed in the event of accessibility problems. Courtesy of Microsoft.

Modernizing Our Nation’s Enterprise System

Another challenge that the national security community must address is its aging technical infrastructure. While all government agencies are challenged to optimize the performance of information systems that have been around for many years, the Intelligence Community faces unique challenges to effectively modernize its enterprise systems.

As technology cycles accelerate, many government IT managers must address the questions of what to do with assets that are aging and increasingly ineffective, or for which internal technical expertise may be waning. While most people think of aging mainframes when the term “legacy systems” enters the conversation, the fact is that any technology for which support and expertise have lapsed or become lost in the clutter and complexity of today’s hybrid enterprise computing environment can fall into this category.

In fact, the negative impact that legacy systems can have on government enterprise networks and computing environments can be significant and contribute to today’s national security risks. Unattended legacy systems can represent significant points of risk for an organization. Code or hardware that is out of date often has problems operating with new applications that have been developed in response to evolving agency mission requirements. Ineffective integration can compromise the integrity of an enterprise system and can represent a vector of attack against agencies with a national security mission.

Additionally, legacy environments are often based on proprietary technologies, which can inhibit collaboration within and between government agencies and can present a point of friction in the flow of information because proprietary technologies often cannot be effectively updated or integrated with other systems.

It is important for any organization or government agency to identify an enterprise modernization strategy. In fact, an enterprise modernization strategy can help agencies manage the risks and iron out the inefficiencies that are associated with legacy systems. It provides a systematic way to rapidly inventory all assets, identify the utility of all key codes, and enable managers to develop a structure for reusing assets cost-effectively and time-efficiently.

If well implemented, an enterprise modernization initiative can reduce the amount of time and money that organizations invest in maintenance activities, allowing organization and agency leaders to allocate more resources to new development projects that exploit new opportunities or address new developments in the threat landscape. The final result is a more dependable and flexible platform for multiagency, multi-jurisdictional cooperation.

The questions are where to start, whether the modernization effort is working, and when enough is enough. From reviewing some of the best practices that I have seen in government and the private sector, here are a few thoughts on specific steps and considerations that organizations and senior agency officials in the national security community are working on to ensure that their enterprise technologies are effectively supporting the mission.

Create a mission-oriented assessment of current assets. This first step should come as no surprise. Organizations need to make sure that they are looking at the performance of their current systems from the perspective of the constantly changing mission objectives. As the mission of an agency evolves, so should the metrics for systems that support the agency. Officials with mission completion responsibilities should interact with technology managers to explore ways to enhance current infrastructure elements to support the mission and/or replace elements that cannot effectively and cost-efficiently be updated. The new enterprise networks must be the byproduct of collaborative analysis and planning by a multidisciplinary group that together has a comprehensive perspective on what is critical, complementary, and/or unnecessary to technology performance.

Develop a comprehensive optimization methodology. Armed with a more complete and dynamic picture of operational requirements, agencies should develop a structured, systematic process for assessing an organization’s IT infrastructure and platform across capabilities in order to provide an optimization roadmap. This provides critical assistance to agency managers involved in defining and implementing optimization initiatives that will enable proactive IT management and deliver cost and risk reductions across the IT organization and the agency as a whole. It also enables agencies in the national security community to realize the full value of their IT infrastructure and platform investments while making these same investments that facilitate innovation in ways and means.

Establish a process productivity optimization program. Finally, there should be a constant flow of discussion on opportunities to redesign processes and reevaluate how both headquarters staffs and agents in the field do their jobs. A system needs to be put in place that helps streamline the management and control of content and processes across all areas of operation.

Even though these initiatives will vary greatly from agency to agency within the national security community, one thing is shared by all players in this environment: the threats are constantly changing and the ability to mitigate threats and manage risks must be achieved.

Fusion Core Solution: Miami-Dade Police Department and Microsoft Extend Situational Awareness for Super Bowl XLIV

The ability to effectively collect and manage vital intelligence is critical to a fusion center’s mission, yet fusion centers face many significant challenges. For example, they have very different processes and methods for collecting information. Once collected, information is often entered into proprietary and incompatible systems that quite often have weak and incompatible security access management. Much of the information collected also lacks any geospatial references that can aid in viewing this information on a map.

To overcome these challenges, the Miami-Dade Police Department and Microsoft joined intelligence efforts surrounding Super Bowl XLIV to use an enhanced information-sharing and intelligence-gathering solution. Fusion Core Solution helped extend the reach of local, regional, and national public safety organizations charged with securing Super Bowl XLIV to more effectively identify and help prevent threats potentially posed by organized crime, gangs, drug cartels, and terrorists.

Fusion centers also encounter difficulty in organizing, analyzing, and distilling massive amounts of information into meaningful and usable intelligence. Without access to effective analysis and modeling, it is difficult to identify patterns, trends, and relationships among fused data sources, and time and effort are wasted on determining what information is relevant to the current task. These problems can significantly hinder the ability of fusion center analysts to take appropriate action.

With the Microsoft Fusion Core Solution, the Miami-Dade Police Department Fusion Center personnel were able to move information from intake to analysis to dissemination in a multilevel environment, while using existing assets and applications. The solution aggregated data from multiple, disparate sources and displayed it in a common fashion to aid in analysis.

A core purpose of a fusion center is to facilitate the sharing of information across law enforcement and other public safety and private entities. Yet, information sharing is one of the biggest obstacles to be overcome. Many of the information-sharing systems were developed before today’s information exchange standards (such as the National Information Exchange Model). Integrating nonstandard information systems can be difficult and expensive. To make matters more difficult, these systems have varying security models and methods of authentication and authorization that can inhibit effective information sharing, especially as security concerns affect the level of trust that agencies have in sharing information.

Without accurate and adequate information, fusion center personnel can take the wrong action or miss the opportunity to take any action. Fusion centers can also experience a significant decrease in collaboration and coordination among partners because effective and timely exchange of information is difficult. It is also difficult for fusion center personnel to make policy, procedure, and technology improvements because there is no mechanism for eliciting and receiving feedback for products and services the fusion center delivers.

As evidenced by the attempted bombing of Delta’s Amsterdam-to-Detroit flight on Christmas Day 2009, our national security community faces massive amounts of information to organize, analyze, and distill into meaningful and usable intelligence. Using the Microsoft Fusion Core Solution, the Miami-Dade Police Department was able to take action to prepare for and counter potential threats and criminal activities.


Figure 2: A replication of a fusion center utilizing Fusion Core Solution. Courtesy of Microsoft.
