Can cloud-based services be law enforcement’s new partner?
Are you on the cloud? Cloud computing is no longer a new concept. Government agencies, commercial companies and even individual citizens have adopted the cloud en masse for wide use and implementation. The benefits of cloud-based storage are available for all, and cloud-based infrastructure is becoming the standard approach for IT resources. Law enforcement is no exception as many strive to disrupt crime with the time-to-value flexibility of cloud solutions.
Public safety agencies have some specific challenges that make cloud computing an attractive option for these organizations. In addition, many of these agencies desire to increase spending on head count for sworn officers rather than civilian staff such as IT personnel.
From a systems management and maintenance perspective, the assumption is that cloud providers are significantly more efficient and perhaps more reliable than systems run in a dedicated computing facility owned and managed by these agencies. A cloud-based infrastructure enables an agency to shift funds for staffing sworn officers rather than bolstering civilian staff for IT positions. And agencies can be freed from the need to periodically upgrade hardware and software to stay current and supported.
Beneficial considerations for law enforcement
While some compelling reasons to make the move to cloud-based resources clearly exist, special circumstances and required standards need to be considered to make cloud computing a realistic option for law enforcement agencies. The Criminal Justice Information Services (CJIS) Security Policy needs to be the basis for managing public safety data. Cloud providers for law enforcement solutions have to understand and comply with what the CJIS requires and be open to audit by agencies and organizations that look to use their platforms. Today, this audit accessibility is not a service offered by all cloud providers.
Even for cloud-hosted organizations that are CJIS compliant, recent public data breaches that have occurred worldwide raise legitimate concerns about security. If a given cloud provider has enough clout and resources, it is far more likely to have the on-staff expertise, security infrastructure and processes deployed than individual agencies or state and regional governments. Platform security is a fact of everyday life for cloud services providers, and their ability to do business is predicated on being secure and well protected. While the potential exists for a lapse in security, I believe the odds of a successful breach are significantly reduced at the cloud service provider level than they are at the law enforcement agency level.
Other potential cloud-related benefits to consider are financial resources, which can create some tough issues. On the surface, and without question, the ability to move from a grant-reliant capital expense (CAPEX) approach to an operational expense (OPEX) approach has some considerable attraction. Getting a grant application written and submitted and then getting the systems established and operational—only to have the grant change focus or start to dry up—can be painful. Finding the funds to keep some of these systems running in today’s environment can be quite challenging, and moving some solutions to an OPEX cloud subscription service becomes a logical solution.
However, the financial discussion doesn’t stop there. The discourse isn’t just about CAPEX versus OPEX, but also about having the staff to run and maintain on-premises systems versus outsourcing much of that work to the service provider. And again, in the US, CJIS plays an important role, ensuring that data is handled appropriately. Upgrade cycles for hardware and software add to the transition complexity. In a cloud implementation, these considerations are taken care of by the service provider, and gone are the worries of running on old hardware or running back-level software releases.
Confident steps to cloud deployment
Any discussion about the real and perceived benefits of cloud-based implementations could go on for years. Staying on premises has its pros and cons, but over time the cloud option continues to become more compelling.
However, the law enforcement community generally takes a conservative approach to these types of technology changes, and it is reluctant to be an early adopter and potentially put uniquely sensitive data at risk. A number of agencies in the US and elsewhere are taking this step and reaping the benefits. Collectively, we need to listen to their experiences. We need to learn from the false steps and the successes to reach a point at which the majority of law enforcement and public safety agencies can make the step with confidence and realize financial, security and other benefits.
Are you implementing public safety systems on the cloud? Are you deploying body-worn cameras and storing video files on the cloud? Please share your recommendations and best practices for other agencies in the comments. Join the conversation and share your experience in the comments below.