Plans to migrate LAPD to Google's cloud apps dropped
Service is incompatible with FBI's security requirements, city says
Computerworld - After more than two years of trying, the City of Los Angeles has abandoned plans to migrate its police department to Google's hosted email and office application platform saying the service cannot meet certain FBI security requirements.
As a result, close to 13,000 law-enforcement employees will remain indefinitely on the LAPD's existing Novell GroupWise applications, while other city departments will use the Google Apps for Government cloud platform.
Council members last week amended a November 2009 contract the city has with systems integrator Computer Science Corp. (CSC) under which CSC was supposed to have replaced LA's GroupWise e-mail system with Google's email and collaboration system. Under the amended contract, the LAPD will no longer move its email applications to Google.
Instead, Google will pay up to $350,000 per year for the LAPD to maintain its GroupWise licenses for the entire term of the CSC contract and any extensions beyond that. Google will also substantially reduce the amount it charges for the rest of the city's use of Google Apps. Under the amendment, CSC too will reduce its initial integration fee for the project by $250,000.
Earlier this month, LA's chief legislative analyst, Gerry Miller, and its chief administrative officer, Miguel Santana, said the contract amendment was necessary because the Google service could not be brought into compliance with the FBI's Criminal Justice Information Systems (CJIS) requirements.
"Although CSC does not have the technical ability to comply with the City's security requirements, it should be noted that the DOJ requirements are not currently compatible with cloud computing," the two wrote in a memo to council members.
The CJIS database is maintained by the FBI and is one of the world's largest repositories of criminal history records and fingerprints. The records are accessible to law enforcement officials around the country, but all entities authorized to access the database are required to comply with a strict set of security requirements pertaining to the manner in which the data is accessed, shared, transmitted, stored and destroyed. The security requirements include encryption of all data, both in transit and at rest, and FBI background checks on anyone who accesses the database. The policy applies to anyone with access to the database, including contractors.
The contract amendment proposal recommended by Miller and Santana does not make it clear how Google and CSC failed to comply with those requirements.
In the past however, city officials have not minced words in expressing their frustration over the issue. In a strongly worded notice of deficiencies to CSC last December, LA CTO Randi Levin blasted Google and CSC for repeatedly committing to deadlines for implementing the security requirements but then failing to meet them. At the time, Levin noted that the delays had forced the LAPD to move about 1,900 users who had migrated to Google's new email system back to the old GroupWise platform. The delay also caused the LAPD to postpone its planned migration of 4,000 more users to the new system last October, Levin said.
In April, the Los Angeles Times reported that the city was considering suing Google and CSC over their delay in implementing the CJIS security requirements, which both companies had agreed to implement previously.
Google maintains that the LAPD's security requirements were never part of the original contract. The company claims that the security requirements were introduced only after the migration to Google Apps was well underway at LA. According to the company, CJIS requirements are incompatible with cloud computing environments, and therefore present a unique challenge not just for Google but any cloud vendor attempting to migrate a law enforcement system to the cloud.
- Cloud security concerns are overblown, experts say
- Cloud computing 2014: Moving to a zero-trust security model
- Amazon hiring 'top secret' IT staff as it fights for CIA work
- Empire state ends IT empire building
- No, your data isn't secure in the cloud
- Snowden revelations may cost U.S. cloud providers billions, says study
- DHS shifting to cloud, agile development to boost homeland security
- Cloud computing's big debt to NASA
- Coke bottler picks SaaS over SAP
- Inmate data paroled from mainframe
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- ESG: The IBM FlashSystem 840: Technical Evolution to Deliver Business Value In this whitepaper, you will learn how this high-speed storage technology has tremendous potential to support I/O-intensive and/or latency-sensitive applications.
- Choosing an MDM Platform: Where to Start the Conversation If you're in the early stages of choosing an MDM solution, or you're considering switching vendors, here are seven critical questions to ask...
- Axeda Platform Technical Overview This paper summarizes the major features of an IoT platform and explains how they simplify and speed the process of developing and deploying...
- Stock Shock: The effect of project and portfolio management on share price In this independent report, you'll see the intrinsic connection between long-term capital investment and short term market performance -- and how this can...
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- Cloud Knowledge Vault Learn how your organization can benefit from the scalability, flexibility, and performance that the cloud offers through the short videos and other resources... All Cloud Computing White Papers | Webcasts