Three overarching needs are consistent across almost every data center effort:
Government IT leaders may deploy commodity hardware and open-source software to address these data center security needs. The low acquisition costs for these solutions are attractive, but unless organizations have a large and experienced IT staff, they can find that maintaining these systems requires too much time and effort, potentially leading them right back where they started.
Most government IT leaders realize the less they spend on maintenance, the more they can devote to building new systems and new solutions for their agency and constituent needs. However, many IT managers are helpless to reach that reality; their legacy infrastructure, management tools and processes simply require too much time and budget to maintain.
This reality can set up an adversarial relationship between IT and agencies they serve, with mounting frustration on both sides: the agencies and departments feel that IT is unresponsive to their needs, while IT feels stretched thin and struggles to keep up.
The challenges posed by the maintenance of legacy systems also has undesirable effect of driving up IT-related expenses at a time when leaders are under nearly constant pressure to reduce IT spending, and help drive revenue. In order to find the savings they need, IT leaders often evaluate two different options:
Data center consolidation is also a hot topic on the subject of managing data center cost. Following suit of the Federal Data Center Consolidation Initiative (FDCCI), local agencies are realizing the spend associated with redundant and inefficient infrastructure, long-term. To reduce space and save on energy, agencies can move to a hyperconverged, virtualized infrastructure. Changing locations can even decrease IT costs in some cases.
The path forward requires more than just hardware consulting and migration project management: It requires a strategic understanding of mission-critical systems paired with an open, vendor agnostic approach to appliance and network hardware that accommodates hybrid solutions to achieve mission goals.
Both growth and cost challenges of today's government data centers work within a much larger and more sinister context as well: data theft and loss. With the internet, the Internet of Things (IoT) and the flood of public data being digitized, the big data explosion requires more storage and larger infrastructure, accommodating bigger files and more powerful networks to transport them — all of which incrementally increase data security risks.
A high-profile security breach can cost billions in damages, putting IT infrastructure under intense (often political) scrutiny. With the number of break-ins and the damage they cause on the rise, data centers are forced to perform a high-risk balancing act: driving more data, accessibility and capability without increasing their agencies' or constituents' vulnerability in the process.
Further, emerging mobile and cloud computing models expose state and local governments to new security risks — risks compounded by the social networking and collaborative nature of today's constituents and government workforce. IT managers delivering new mobile and cloud solutions must plan to mitigate the increased risks of data theft, fraud and privacy breaches that result. Unfortunately, such security plans negatively impact agility, maintenance burdens and IT costs, adding another layer to the existing challenges of data center services.
Even supply chain security is a hot topic, with agencies often asking data center vendors, “How do you secure your IT supply chain management?” Agencies need to ensure the security of network devices from manufacture through installation and deployment, combating instances where something embedded into the device’s hardware or firmware may present a network security compromise. Data center discovery therefore needs to include a supply chain element, defining provenance and tracking the logistical path of system hardware, software, appliances and applications along their entire lifecycle.
Here again, an understanding of the missions served by the data center also requires a holistic and comprehensive security mentality that spans far beyond the walls of the data center or even the firewalls of the network security applications. Risk management must peer back to the creation of data center solutions, as well as forward into its deployment for a mobile workforce and constituency.