Plans to migrate LAPD to Google's cloud apps dropped
Service is incompatible with FBI's security requirements, city says
Computerworld - After more than two years of trying, the City of Los Angeles has abandoned plans to migrate its police department to Google's hosted email and office application platform saying the service cannot meet certain FBI security requirements.
As a result, close to 13,000 law-enforcement employees will remain indefinitely on the LAPD's existing Novell GroupWise applications, while other city departments will use the Google Apps for Government cloud platform.
Council members last week amended a November 2009 contract the city has with systems integrator Computer Science Corp. (CSC) under which CSC was supposed to have replaced LA's GroupWise e-mail system with Google's email and collaboration system. Under the amended contract, the LAPD will no longer move its email applications to Google.
Instead, Google will pay up to $350,000 per year for the LAPD to maintain its GroupWise licenses for the entire term of the CSC contract and any extensions beyond that. Google will also substantially reduce the amount it charges for the rest of the city's use of Google Apps. Under the amendment, CSC too will reduce its initial integration fee for the project by $250,000.
Earlier this month, LA's chief legislative analyst, Gerry Miller, and its chief administrative officer, Miguel Santana, said the contract amendment was necessary because the Google service could not be brought into compliance with the FBI's Criminal Justice Information Systems (CJIS) requirements.
"Although CSC does not have the technical ability to comply with the City's security requirements, it should be noted that the DOJ requirements are not currently compatible with cloud computing," the two wrote in a memo to council members.
The CJIS database is maintained by the FBI and is one of the world's largest repositories of criminal history records and fingerprints. The records are accessible to law enforcement officials around the country, but all entities authorized to access the database are required to comply with a strict set of security requirements pertaining to the manner in which the data is accessed, shared, transmitted, stored and destroyed. The security requirements include encryption of all data, both in transit and at rest, and FBI background checks on anyone who accesses the database. The policy applies to anyone with access to the database, including contractors.
The contract amendment proposal recommended by Miller and Santana does not make it clear how Google and CSC failed to comply with those requirements.
In the past however, city officials have not minced words in expressing their frustration over the issue. In a strongly worded notice of deficiencies to CSC last December, LA CTO Randi Levin blasted Google and CSC for repeatedly committing to deadlines for implementing the security requirements but then failing to meet them. At the time, Levin noted that the delays had forced the LAPD to move about 1,900 users who had migrated to Google's new email system back to the old GroupWise platform. The delay also caused the LAPD to postpone its planned migration of 4,000 more users to the new system last October, Levin said.
In April, the Los Angeles Times reported that the city was considering suing Google and CSC over their delay in implementing the CJIS security requirements, which both companies had agreed to implement previously.
Google maintains that the LAPD's security requirements were never part of the original contract. The company claims that the security requirements were introduced only after the migration to Google Apps was well underway at LA. According to the company, CJIS requirements are incompatible with cloud computing environments, and therefore present a unique challenge not just for Google but any cloud vendor attempting to migrate a law enforcement system to the cloud.
- Enterprises increasingly look to the private cloud
- Without the cloud, Microsoft may lose grasp on the enterprise
- How the cloud can make IT shops more innovative
- Business users bypass IT and go rogue to the cloud
- HP looks to ease enterprise IT cloud fears
- Afraid of the cloud? How to handle your fears
- 5 reasons why Google can catch Amazon in the cloud
- Public cloud market ready for 'hypergrowth' period
- Cloud security concerns are overblown, experts say
- Cloud computing 2014: Moving to a zero-trust security model
- REST easy: API Design, Evolution and Connection RESTful design increases API performance, reduces development effort, and minimizes operational support burden. By following a few best practices and selecting RESTful tooling,...
- DevOps meets ALM in the Cloud - Cloud DevOps PaaS To improve software delivery performance and effectiveness, teams need automation, governance, architecture best practices, and increased team collaboration. Find out more.
- The Path to Responsive IT A responsive IT team enables on-demand self-service, ticketless IT, a low cost structure & wider participation. When extending the IT team to analysts,...
- WSO2 Reduces Infrastructure Cost and Improves Agility By adopting WSO2's cloud-native multi-tenant deployment topology and offering middleware as a service, your team can reduce costs and deliver a complete solution...
- ElectricAccelerator: Dramatically Faster Builds and Test ElectricAccelerator dramatically speeds up builds and test by parallelizing jobs across clusters of physical or cloud CPUs.
- Electric Cloud: Your AnthillPro Alternative Many organizations have become leery about AnthillPro since its acquisition by IBM. In this webinar, learn why ElectricCommander is an excellent alternative to... All Cloud Computing White Papers | Webcasts
Our new weekly Consumerization of IT newsletter covers a wide range of trends including BYOD, smartphones, tablets, MDM, cloud, social and what it all means for IT. Subscribe now and stay up to date!