DHS panel on going all in on cloud, from enterprise to edge
At least two large components of the Homeland Security Department are leading the way on what might best be described as third-generation cloud computing.
If initial cloud usage took email and other office tools off federal servers, and the second generation pulled in mission and operational support applications, the third generation of cloud will fully optimize code development, communications and data management for commercial cloud computing.
A case in point: the U.S Immigration and Customs Enforcement. ICE is completely in the cloud, said Richard Clark, the DHS agency’s chief technology officer. Speaking at a panel said during a panel at the Federal News Network Cloud Exchange 2023, he said ICE has “fully exited DHS data centers.”
It was a years-ago effort by DHS headquarters to consolidate components in departmental data centers that prompted ICE to explore cloud adoption.
“We saw [the consolidation] as a huge opportunity to exit from the data centers,” Clark said, “because moving from one zone to another was not going to provide us any real benefit.”
He added: “We may not quite have been ready for it. But we took it on with gusto, and we’re very happy that we are 100% in the cloud.”
At sister component Customs and Border Protection, the sheer scale of its transactions and their value prompted a steady move to the cloud, said Edward J. Mays, CBP’s deputy assistant commission for infrastructure and support services and its chief of enterprise infrastructure.
Mays pointed out that $2.7 trillion a year in exports — coupled with duty collections in excess of $100 billion — produces 40 billion transactions daily. The result? Multiple petabytes of data crossing CBP networks, he said.
As it continues its broad use of cloud, Mays’ group is also transitioning CBP’s communications infrastructure from traditional proprietary circuits to public broadband, brought together in the agency’s internet connection points.
“We think we’re about a year out, maybe a little more,” he said. That new infrastructure will unify how data from edge collection points get to cloud applications and vice versa, so that data is available to analysts, say, on the Southwest border, Mays explained.
Taking cloud to the edge
The next iteration of cloud architecture will unite “hardware, software and cloud to securely connect sensors and systems in complex operational environments,” said Mathieu Guillebaud, product development director for the global security products at Leidos.
He cited scanning equipment Leidos deployed at the border that will generate a lot of data needed for support analysis and decision-making.
“We think in terms of extending the cloud out to the edge, bridging that gap,” Guillebaud said. “We call that edge-to-cloud.” In this scenario, edge sensors and other data gathering devices stage data in “some sort of on-premises rack, perhaps at a port of entry or in a regional command center … and then share it up to the traditional cloud, the enterprise.”
With cloud a given, what’s next? Guillebaud said he expects agencies to continue updating applications that they might have simply slid into the cloud initially. The idea is to render them more cloud-native and therefore easier to keep up to date.
“From our perspective, the concept of continuing to adopt cloud-native architectures and microservices-based approaches lends itself well to future-proofing,” he said. “And that goes along with continuing to leverage containerization technologies that allow deployment and management of services across geographic areas from the edge to the cloud.”
Clark noted that ICE has numerous active projects in containerizing applications.
“As I tell our teams: If you’re going to do all of the work to have a well-contained application, you should consider just going that extra flight of stairs and go serverless because that that will give you even more benefits than just going to containers,” he said.
Going serverless lets the agency rely on a cloud services provider to manage infrastructure capacity in response to demand for a particular application at a given time, which helps manage cost.
“A big part of that is breaking down the application into some of the component services, making certain that those can run the way they want to,” Clark said. “So that you know at 3 a.m. on Christmas Eve, when you know there’s only one guy logged into the system, we’re not running infrastructure that’s designed to support 6,000 users or whatever.”
Agencies also expect the capability of mixing and matching containerized software functions in an agile manner to create new applications, he said.
Evaluating costs vs. benefits in the cloud
Like any technology, cloud computing requires an investment in times and resources. Initial lift and shift of applications to the cloud didn’t always lead to cost savings, but rather a change from managing equipment on premises to managing services. Mays said that as CBP continues its cloud journey, it will look for efficiency and savings. He agreed that a model of moment-by-moment consumption, coupled with the ability to scale up rapidly if needed, offers a pathway to that efficiency.
Better customer service and more extensive use of artificial intelligence also are part of CBP’s cloud goals, he said.
To improve customer experience, “it’s absolutely critical to ensure that you get that crosscutting thread that allows your customer base, your users, to actually access the services they need in a very easy manner.”
CX and A both focus on getting cloud services to the edge — the command centers and control centers where CBP agents and other employees interact with people and business entities.
“We’ve got at least 40 AI programs underway and probably another 140 or so robotics process automation efforts as well. So that’s a big thing for us,” Mays said.
Because managing clouds differs from managing data centers, he said his team has created a cloud services brokerage to help with cost-benefit analyses, architecture evaluation and application development.
“These are things that we’re doing differently now that I think will change the value proposition for our trusted partners and our stakeholders,” Mays said.
To read or watch other sessions on demand, go to our 2023 Cloud Exchange event page.
Copyright
© 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.