Welcome!

Microservices Expo Authors: JP Morgenthal, Automic Blog, Elizabeth White, Flint Brenton, AppDynamics Blog

Blog Feed Post

INSA Publishes White Paper on Intelligence Community Information Technology Enterprise

By

Insa_clearThe Intelligence and National Security Alliance (INSA) has released a white paper documenting the vision and approach for enhancing enterprise information technology in support of intelligence and national security missions. This paper, titled  ”Doing in Common What Is Commonly Done” provides insights based on interviews of government leaders including CIOs, CTOs and other agency leadership.

The goal of the IC ITE approach is to move to an IT posture that is more integrated and service based (with 10 common service offerings across the IC for primary IT functions). IC level portfolio management will also be done enabling IT decisions to be made by more informed IT leaders across the enterprise. And enhancements will be made to the IC enterprise IT acquisition process, including more centralized and synchronized IT acquisition and more progressive models for procurement (like SOA and Agile instead of typical procurement).

From the paper:

 

The IC ITE focuses on greater integration, information security, and information sharing while seeking substantial cost reductions through shared infrastructure and service models. The IC recognizes that each agency has particular strengths or core competencies that can be better leveraged by designating IC elements to act as Service Providers for specific capabilities for the entire Community. The DNI designates the IC Service Providers who are responsible for determining investment requirements and using their respective acquisition and contract authorities to execute their IC ITE responsibilities. Currently identified common services and their respective providers include: the Desktop Environment, DIA and NGA; IC Cloud Services, NSA and CIA; Applications Mall, NSA; and Applications Stores, all agencies.

The IC ITE will be delivered in increments with Increment 1 (Initial Operating Capability, or – IOC) in FY13 and achievement of Full Operating Capability (FOC) planned in FY18. Increments for the IC ITE will include all activities required to plan for and implement IC ITE services, including scaling services across the IC enterprise, transitioning relevant legacy data and applications, and retiring legacy capabilities as appropriate. The initial IC ITE services focus on delivery of a common IC desktop, common back office tools, broader and standardized access to analytic tools and applications, and data-centric computing using complementary government-developed and commercial cloud architectures. Development of Increment 1 began in 2012 and ultimately intends to deliver enterprise capabilities for the IC Cloud Environment, the IC Desktop Environment, and the IC Applications Mall services. Future increments propose to deliver additional ITE services and capabilities based on mission needs, and will further define/refine governance, cost recovery business models, and additional efficiency opportunities. In five years, the IC expects all agencies to be leveraging this shared services platform with each providing or paying for enterprise services. This baseline platform and new Community IT ecosystem is expected to enable and encourage innovation to occur and to spread rapidly.

For industry, especially the IT vendors, one of the most important paragraphs follows:

The IC will lean heavily on industry to conduct R&D on enterprise solutions – COTs technology will likely predominate. Acquisition will be deliberate to provide some stability in enabling organized change. Outsourcing may be considered as long as vendors can meet service needs on a sustainable basis without sacrificing mission agility. Vendors depending on revenue streams from cost-prohibitive long-term license fees will likely find themselves disadvantaged as the IC ITE moves forward. Integrators who specialize in specific agencies may also be disadvantaged when the IC is seeking enterprise-wide solutions.

I encourage all technologists from all enterprises, even totally commercial enterprises, to review this INSA document for lessons learned for your particular organization. And for those who serve the national security community I encourage you to read closely both so you can see what is coming next and so you can provide input where you think it is necessary.

I have heard from IC IT leaders directly on this activity, and they genuinely want continued feedback. I’m working up thoughts for IC leaders myself on this. My inputs so far will probably be minor but my view is I must show friends in government that I care so I will provide input. I encourage you to do that as well.

One piece of input I’ll publicly state just for continued dialog: I found this summary of IC ITE views and vision to be overly simplistic in how “industry” is thought of. I think that may be because most IC CIOs and CTOs come from life-long careers in government. Or maybe it is because the document is just a summary and it doesn’t reflect the real nuanced views of IC IT leadership. But to try to summarize all that is not government under the term “industry” just falls flat with me. In the views of many who were interviewed for this summary, there is the government and there are vendors and it is that black and white. In the real nuanced world, there are many segments to American industry and to assume they are all the same weakens your ability to work with and influence and get the best from these many segments.

When it comes to IT, a useful segmentation of “industry” for national security decision makers might be: Systems Integrators, Service Companies/Consultancies and IT Vendors. Considering “industry” this way instead of as just one big blob can help inform and produce a more impactful strategy.

Here is how this sort of segmentation of IT related firms might look:

  • Systems Integrators (SIs): Northrop Grumman, Lockheed Martin, Boeing, SAIC, Raytheon, CSC, Harris, GD
  • Services Companies and Consultancies: the SIs do some of this but many firms specialize here, including CACI, BAH, ManTech, Camber, the FFRDC (Mitre, Aerospace) and many others
  • IT vendors: Microsoft, IBM, Oracle, Google, Amazon, Cisco, SAP, HP, EMC, RedHat, Cloudera, Thetus, MarkLogic, Cleversafe, Terracotta, Fixmo, Recorded Future, Sitscape, Triumfant, Invincea, WayIn, etc etc.

I’d be the first to admit this segmentation of the IT industry is not perfect (some companies do not fit this model), but it has a bit more fidelity than lumping all industry into one term, and if it were used in the IC ITE it would allow a more meaningful expression of intent. For example, the INSA articulation of the IC ITE makes it seem that the IC views all of industry as traditionally embedding themselves in an IC element for years to provide all holistic IT support. Clearly this is not talking about all of industry, it must refer to the systems integrators. In other parts it talks of industry needing to change software license models. This makes more sense if it is aimed at the IT vendors segment, not services firms and usually not systems integrators.  And portions which talk about the need for new educational and training for commercial workforces are probably focused on the Service companies. Lumping all kinds of industry serving IC IT needs into one term is sub optimal for many reasons which I will leave to readers to consider.

Read the original blog entry...

More Stories By Bob Gourley

Bob Gourley writes on enterprise IT. He is a founder and partner at Cognitio Corp and publsher of CTOvision.com

@MicroservicesExpo Stories
I have an article in the recently released “DZone Guide to Building and Deploying Applications on the Cloud” entitled “Fullstack Engineering in the Age of Hybrid Cloud”. In this article I discuss the need and skills of a Fullstack Engineer with relation to troubleshooting and repairing complex, distributed hybrid cloud applications. My recent experiences with troubleshooting issues with my Docker WordPress container only reinforce the details I wrote about in this piece. Without my comprehensive...
From the conception of Docker containers to the unfolding microservices revolution we see today, here is a brief history of what I like to call 'containerology'. In 2013, we were solidly in the monolithic application era. I had noticed that a growing amount of effort was going into deploying and configuring applications. As applications had grown in complexity and interdependency over the years, the effort to install and configure them was becoming significant. But the road did not end with a ...
Struggling to keep up with increasing application demand? Learn how Platform as a Service (PaaS) can streamline application development processes and make resource management easy.
As the software delivery industry continues to evolve and mature, the challenge of managing the growing list of the tools and processes becomes more daunting every day. Today, Application Lifecycle Management (ALM) platforms are proving most valuable by providing the governance, management and coordination for every stage of development, deployment and release. Recently, I spoke with Madison Moore at SD Times about the changing market and where ALM is headed.
In a crowded world of popular computer languages, platforms and ecosystems, Node.js is one of the hottest. According to w3techs.com, Node.js usage has gone up 241 percent in the last year alone. Retailers have taken notice and are implementing it on many levels. I am going to share the basics of Node.js, and discuss why retailers are using it to reduce page load times and improve server efficiency. I’ll talk about similar developments such as Docker and microservices, and look at several compani...
The goal of any tech business worth its salt is to provide the best product or service to its clients in the most efficient and cost-effective way possible. This is just as true in the development of software products as it is in other product design services. Microservices, an app architecture style that leans mostly on independent, self-contained programs, are quickly becoming the new norm, so to speak. With this change comes a declining reliance on older SOAs like COBRA, a push toward more s...
Small teams are more effective. The general agreement is that anything from 5 to 12 is the 'right' small. But of course small teams will also have 'small' throughput - relatively speaking. So if your demand is X and the throughput of a small team is X/10, you probably need 10 teams to meet that demand. But more teams also mean more effort to coordinate and align their efforts in the same direction. So, the challenge is how to harness the power of small teams and yet orchestrate multiples of them...
Many private cloud projects were built to deliver self-service access to development and test resources. While those clouds delivered faster access to resources, they lacked visibility, control and security needed for production deployments. In their session at 18th Cloud Expo, Steve Anderson, Product Manager at BMC Software, and Rick Lefort, Principal Technical Marketing Consultant at BMC Software, will discuss how a cloud designed for production operations not only helps accelerate developer...
SYS-CON Events announced today that Peak 10, Inc., a national IT infrastructure and cloud services provider, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Peak 10 provides reliable, tailored data center and network services, cloud and managed services. Its solutions are designed to scale and adapt to customers’ changing business needs, enabling them to lower costs, improve performance and focus inter...
Much of the value of DevOps comes from a (renewed) focus on measurement, sharing, and continuous feedback loops. In increasingly complex DevOps workflows and environments, and especially in larger, regulated, or more crystallized organizations, these core concepts become even more critical. In his session at @DevOpsSummit at 18th Cloud Expo, Andi Mann, Chief Technology Advocate at Splunk, will show how, by focusing on 'metrics that matter,' you can provide objective, transparent, and meaningfu...
In the world of DevOps there are ‘known good practices’ – aka ‘patterns’ – and ‘known bad practices’ – aka ‘anti-patterns.' Many of these patterns and anti-patterns have been developed from real world experience, especially by the early adopters of DevOps theory; but many are more feasible in theory than in practice, especially for more recent entrants to the DevOps scene. In this power panel at @DevOpsSummit at 18th Cloud Expo, moderated by DevOps Conference Chair Andi Mann, panelists will dis...
Wow, if you ever wanted to learn about Rugged DevOps (some call it DevSecOps), sit down for a spell with Shannon Lietz, Ian Allison and Scott Kennedy from Intuit. We discussed a number of important topics including internal war games, culture hacking, gamification of Rugged DevOps and starting as a small team. There are 100 gold nuggets in this conversation for novices and experts alike.
The notion of customer journeys, of course, are central to the digital marketer’s playbook. Clearly, enterprises should focus their digital efforts on such journeys, as they represent customer interactions over time. But making customer journeys the centerpiece of the enterprise architecture, however, leaves more questions than answers. The challenge arises when EAs consider the context of the customer journey in the overall architecture as well as the architectural elements that make up each...
In 2006, Martin Fowler posted his now famous essay on Continuous Integration. Looking back, what seemed revolutionary, radical or just plain crazy is now common, pedestrian and "just what you do." I love it. Back then, building and releasing software was a real pain. Integration was something you did at the end, after code complete, and we didn't know how long it would take. Some people may recall how we, as an industry, spent a massive amount of time integrating code from one team with another...
Admittedly, two years ago I was a bulk contributor to the DevOps noise with conversations rooted in the movement around culture, principles, and goals. And while all of these elements of DevOps environments are important, I’ve found that the biggest challenge now is a lack of understanding as to why DevOps is beneficial. It’s getting the wheels going, or just taking the next step. The best way to start on the road to change is to take a look at the companies that have already made great headway ...
If there is anything we have learned by now, is that every business paves their own unique path for releasing software- every pipeline, implementation and practices are a bit different, and DevOps comes in all shapes and sizes. Software delivery practices are often comprised of set of several complementing (or even competing) methodologies – such as leveraging Agile, DevOps and even a mix of ITIL, to create the combination that’s most suitable for your organization and that maximize your busines...
Digital means customer preferences and behavior are driving enterprise technology decisions to be sure, but let’s not forget our employees. After all, when we say customer, we mean customer writ large, including partners, supply chain participants, and yes, those salaried denizens whose daily labor forms the cornerstone of the enterprise. While your customers bask in the warm rays of your digital efforts, are your employees toiling away in the dark recesses of your enterprise, pecking data into...
You deployed your app with the Bluemix PaaS and it's gaining some serious traction, so it's time to make some tweaks. Did you design your application in a way that it can scale in the cloud? Were you even thinking about the cloud when you built the app? If not, chances are your app is going to break. Check out this webcast to learn various techniques for designing applications that will scale successfully in Bluemix, for the confidence you need to take your apps to the next level and beyond.
With DevOps becoming more well-known and established practice in nearly every industry that delivers software, it is important to continually reassess its efficacy. This week’s top 10 includes a discussion on how the quick uptake of DevOps adoption in the enterprise has posed some serious challenges. Additionally, organizations who have taken the DevOps plunge must find ways to find, hire and keep their DevOps talent in order to keep the machine running smoothly.
Much of the discussion around cloud DevOps focuses on the speed with which companies need to get new code into production. This focus is important – because in an increasingly digital marketplace, new code enables new value propositions. New code is also often essential for maintaining competitive parity with market innovators. But new code doesn’t just have to deliver the functionality the business requires. It also has to behave well because the behavior of code in the cloud affects performan...