From: Government Security News
By: Jeff Cherrington
The 25 Point Implementation Plan to Reform Federal Information Technology Management, spearheaded by Federal CIO Steven VanRoekel, has been underway for nearly three years. The goal of this initiative is to increase operational efficiency leading to improved taxpayer value. Reducing the number of federal data centers and shifting to a “Cloud-first” policy are among the major milestones.
Under the plan, the Federal Data Center Consolidation Initiative (FDCCI) sets out to curb current operations deemed “costly, inefficient, and unsustainable.” Many federal data centers consume up to 200 times the electricity of standard office spaces and only use an average of 27 percent of their processing capacity. The FDCCI goals are to shrink the overall energy and real estate footprint; reduce the cost of hardware, software and operations; increase government’s overall IT security posture; and shift IT investments to more efficient platforms and technologies.
This vast scope includes closing roughly 1,200 data centers by 2015 with projected savings of more than $5 billion over the long term. Its success will remove redundancies and increase utilization to deliver more computing power, while lessening the impact on the environment.
These best intentions, however, are not immune to real world challenges. The monumental task requires coordination of complex IT environments housing massive amounts of data. Agency CIOs lack upfront funding, face aggressive timelines to produce results, and must meet compliance requirements…all while mitigating security risks and maintaining service levels.
Project managers need to assess and move data stored in more than 3,000 data centers. There is an over-abundance of structured and unstructured data that not only depletes storage capacity, but also requires significant expenditures to manage and secure. They need an efficient way to secure and condense data for both onsite and Cloud storage.
The over-arching theme associated with capacity planning is the dynamic tension of balancing resources between three critical aspects of data center operation: cost management, service delivery and risk management. A look at practical solutions immediately available to federal agencies shows that much of the data can easily be reduced without compromising security.
IT capital and operating costs in the data center are driven by requirements for storage, bandwidth and the need to maintain multiple point solutions. Data reduction through compression will reduce overall storage and bandwidth requirements necessary for data transmissions. In practice, compression has shown up to a 95 percent reduction in data size, decreasing overall data-related costs.
Beyond cost management, concerns about meeting service delivery requirements remain at the forefront. As more information is sent over an already taxed infrastructure, transmission times associated with critical operational and service level agreements are jeopardized. And, the “do more with less” mantra certainly won’t support upgrades and investments to improve performance.
Once again, compression is a viable solution. Today’s most economical solution houses multiple files in a single container and applies lossless compression, while using formats that support movement and management of data seamlessly across platforms. End-to-end transmission times can be reduced by as much as 60 percent with compressed data while decreasing the number of transmissions and potential for failure.
While examining data centers for duplication and wasteful practices, the federal government’s risk associated with the billions of records housed across thousands of data centers increases exponentially. Records include taxpayer Personal Identifiable Information (PII), Private Health Information (PHI) and other data covered by government mandates and industry regulations. IT operations must safeguard sensitive data at every stage of a project — both structured and unstructured, in motion, at rest and across multiple operating systems.
Any breach risks disruption of daily operations and future development by audit interference, or worse yet, having funding reduced, delayed or even withheld by the Government Accountability Office for noncompliance. To ensure data integrity, security recommendations span encryption and digital signature capabilities, including AES and 3DES passphrase or certificate-based encryption, and signature authentication support. Use of filename encryption guarantees no sensitive information is exposed without the appropriate passphrase or digital certificate, and automatic “shredding” of electronic files to the DOD 5220 standard ensures deleted original clear text copies of files are not recoverable.
This balanced approach supports the successful migration of data during consolidation efforts and readies IT operations for mandated Cloud and virtual storage opportunities. This shift to a “Cloud-first” policy requires additional insurance that data can withstand threats, even when there is less direct control over the storage of that data. Persistent, file level, data-centric security renders data unusable to anyone that does not have the key to decrypt it, even in the Cloud or if lost or stolen. It protects data transfers to and from the Cloud, regardless if the networks are cellular, Wi-Fi, public or shared. Costs are contained by embracing a compression strategy that alleviates needs for increased bandwidth during transmission as well as the burden and expense associated with additional storage uptake.
The success of any data center consolidation effort is clearly vulnerable to the competing pressures of cost management, service delivery and risk management requirements. Exploring one approach that addresses all three critical aspects has shown how combining compression with data-centric strong encryption vastly diminishes that pressure. Only data-centric security guarantees protection independent of operating system, application and data format, while at rest or in motion. What’s more, compression for efficient file transfer and storage reduction translates immediately to benefits and value for the Cloud.
Jeff Cherrington is vice president for vertical solutions at PKWARE, Inc.
Leave a Reply