The Defense Department Has Its Information Systems Strategy--Now What?
We now have the U.S. Defense Department information technology enterprise strategy and roadmap. The new direction calls for an overhaul of policies that guide the department’s information systems. Yet, implementation is a challenge, and several issues require the reorientation of how the Defense Department manages information technologies.
With this strategy, defense personnel will have seamless access to all information, enabling its creation and sharing. Access will be through a variety of technologies, including special-purpose mobile devices. Defense Department personnel use computing services in approximately 150 countries, at nearly 6,000 locations and in more than 600,000 buildings. This diversity calls for standardization of formats for tens of thousands of programs, which requires a complete change in the way department systems are configured.
Commanders will have access to information available from all Defense Department resources, which will enable improved command and control, increased speed of action and enhanced ability to coordinate across organizational boundaries or with mission partners. Yet, more than 15,000 uncoordinated networks do not offer the availability and latency that is essential for real-time coordination of diverse information sources. Integration of all networks under centrally controlled network management centers becomes the key requirement for further progress. This mandates a complete reconfiguration of the Global Information Grid (GIG).
Individual service members and government civilians will be offered a standard information technology user experience, providing them with the same look, feel and access to information on reassignment, mobilization or deployment. Minimum retraining will be necessary, because the output formats, vocabulary and menu options must be identical regardless of the technology used. However, Defense Department systems depend on more than seven million devices for input and for display of information. Thousands of unique and incompatible formats exist for the supporting user feedback to automated systems. These format incompatibilities require replacing the existing interfaces through the use of a standard virtual desktop that recognizes the differences in training and in literacy levels.
Common identity management, authorization and authentication schemes will grant access to the networks based on a user’s credentials, as well as on physical circumstances. Achieving this goal mandates the adoption of universal network authorizations for granting access privileges. This requires a revision of how access permissions are issued for more than 70,000 servers. The workflow between the existing personnel systems and the access authorization authorities in human resources systems will require overhauling how access privileges are issued or revoked.
Common defensewide services, applications and programming tools will be usable across the entire department, thereby minimizing duplicate efforts, reducing program fragmentation and lessening the need for retraining when developers are reassigned or redeployed. But, this policy cannot be executed without revising the organizational and funding structures in place.
Standardization of applications and software tools necessitates discarding much of the code that already is in place—or requires temporarily storing it as virtualized legacy codes. Reducing data fragmentation requires a full implementation of the Defense Department data directory.
Streamlined information technology acquisition processes would deliver rapid fielding of capabilities, inclusive of enterprisewide certification and accreditation of new services and applications. Currently, more than 10,000 operational systems are in place, controlled by hundreds of acquisition personnel and involving thousands of contractors. A total of 79 major projects—with current spending of $12.3 billion—have been ongoing for close to a decade. These projects have proprietary technologies deeply ingrained through long-term contract commitments. Disentangling the Defense Department from billions of dollars worth of non-interoperable software will require congressional approval.
More than 50 percent of information technology spending is in the infrastructure, not in functional applications. The Defense Department chief information officer (CIO) has clear authority to direct the reshaping of the infrastructure organizations. Consequently, the strategic objectives largely can be achieved, but only with major changes in the authority for the execution of the proposed plan. It remains to be seen whether the ambitious strategies will meet the challenge of the new cyber operations.