SEWP Contract Guide
Technology and Government
Making mission the priority.
In pursuit of their missions, agencies will continue to build capabilities requiring IT modernization — analyzing massive amounts of data, collaborating with trusted partners and refining processes to increase efficiency — while keeping security front and center.
The President’s Management Agenda outlines several relevant initiatives, while the OMB’s Federal Data Strategy promotes the use of data as a strategic asset. Cloud Smart helps agencies understand when cloud- based technologies make sense.
Some agencies are going further. The Defense Department has developed the Digital Modernization Strategy, which lays out an agenda for developing “a more secure, coordinated, seamless, transparent, and cost-effective IT architecture that transforms data into actionable information and ensures dependable mission execution in the face of a persistent cyberthreat.”
Modernization pays off
Modernizing an IT architecture can pay off in many ways. Replacing existing infrastructure with cloud-based alternatives can eliminate maintenance and outage. Modern technologies can drive speed, innovation, transparency and accountability. Most important,
a modern IT architecture promotes visibility and granular controls, a critical component of cybersecurity.
“As agencies move workloads to the cloud and enable a mobile workforce, they are bound to lose visibility,
so visibility has to be top of mind
S-42
for everything they are looking to modernize,” says Steve Thamasett, a senior security field solution architect at CDW·G.
Of course, modernizing an IT architecture requires more than simply upgrading components. Modernization is a process of looking at the big picture, creating a plan of action and navigating compliance and compatibility issues.
Failure to meet issues of compliance directly can create impediments.
In the security realm, Defense agencies must begin complying
with the Cybersecurity Maturity Model Certification standard, which measures cybersecurity controls and processes. CMMC eventually will
be required of all contractors doing business with the DoD and security- related products sold for use by Defense agencies. Agencies seeking to modernize IT infrastructure should choose products that comply with CMMC.
As agencies modernize IT architectures and infrastructure,
ensuring that products and services work together will be a challenge.
“Your collection of point products won’t necessarily work together very well, or information may not be correlated,” Thamasett explains. “It’s important to take a step back. Look at what you’re trying to accomplish, and make sure that you have a good plan that works.”
Assessing current states and eliminating inefficiencies is preparation for future success. Reviews reveal underperformance, such as an endpoint security solution working at 80 percent capacity or an under-used cloud-based application.
“It’s great to have new technology, but if it’s misconfigured or nobody has taken the time to set a baseline so they are getting false positives, people will be frustrated,” Thamasett says. “But if you take the time to do a gap analysis and create a roadmap, you will greatly improve your chances of success, and your agency will start really reaping the benefits of its new, modernized architecture.”
FCW | CUSTOM REPORT