Since taking over as Department of Justice CIO in 2015, Joe Klimavicz has helped close 97 departmental data centers. And he said Wednesday, he’s going to continue closing them until there are only a few core facilities left.
“This was an economic decision,” Klimavicz said at a FedInsider event. “Some of our data centers are very small, not in ideal locations, the cost of power, cost of real estate. So over five or six years we’ve estimated to have saved over $600 million by doing that. We can then use that money for modernization.”
But those that remain will take on a more important dedicated role housing the department’s most sensitive information that it wants to keep on-premise. And at least one is being expanded. Klimavicz said he’s headed in two weeks to a ribbon-cutting celebrating the expansion of the department’s Pocatello, Idaho, data center.
“We’re always going to have that need, especially with the highly classified operations and so on,” he said. “It’s a conscious risk-based decision and analysis to where do we need to run these applications and databases to make sure they’re protected commensurate with the requirements.”
More focus on optimization, security
With the widespread closure of data centers, the department has evolved to embrace the cloud and must do a better job of focusing on optimizing its IT environments, Klimavicz said.
“We did a lot of lifting and shifting, and I think we’ve got to go back and look at are we running the application databases in the right environment?” he said. “Is it optimized? Do we really need a dozen different versions of the same product, the same application? How can the integration, the interoperability improve performance? That’s going to be a bit of a journey.”
As part of the administration’s Cloud Smart strategy released this summer, the Office of Management and Budget updated the Data Center Optimization Initiative, setting in stone tweaks to how it defines technical aspects of data centers and measures agency progress in closing and consolidating them.
Klimavicz described the department’s cloud portfolio as “some of everything.”
“We have such a range of cloud-based services and information that we’ve moved to commercial cloud environments,” he said.
This hybrid approach to Justice’s IT — some on-premise, some in commercial cloud — makes sense for the department because it has 43 components and a health split of classified and unclassified information and systems, according to Klimavicz. For the more sensitive information, even if it’s in the cloud, “that information just has to be protected,” he said. “And we match the security controls to the sensitivity of the data.”
For instance, some dedicated services DOJ has running in commercial cloud environments “have incredible security controls put around them,” Klimavicz said, where despite the data and services being hosted off-site, “I’m the only one running in those environments. They’re running in commercial data centers, but I’m not sharing with anybody. And we’ve got a lot of security.”
Klimavicz teased the ever-so-popular idea of adopting a zero-trust environment for DOJ — meaning no user inside its network is trusted by default. He called it “kind of the holy grail of security and enabling the mission.”
“We understand zero trust, but do we have the right data, the right environment and the right capabilities to move out at scale?” he said. “My belief is that our first steps are going to be moving more and more of that to a commercial cloud environment and that’s how we’re going to build it out. It’s going to be a very incremental approach. But that’s tying the cloud, the data, the applications all together in one kind of integrated security approach. “