Why Migrate ABIS to the Cloud?
Many agencies today are implementing, or considering, migrating public safety applications to the cloud. Migrating any technology is a challenge that requires thorough consideration and planning. ABIS migration has unique challenges related to network design, data migration, and adapting agency policies to cloud ecosystem requirements. This amplifies the need for careful design and planning focused on the intricacies of infrastructure, the implications of law enforcement technology (such as ABIS, livescan, mugshot, mobileID, and rapid DNA), and the impact on operations.
Public safety agencies are trending towards a new operational model that transitions ABIS “back-end” functions to the cloud (including workflows, databases, matching, and administration). Meanwhile “front-end” mission-critical operations (hands-on booking, tenprint, latent, and mobile processing) need higher bandwidth with bullet-proof network access to the cloud. New cloud ABIS solutions are designed and implemented to bring major benefits to public safety’s mission-critical operations.
ABIS and Crime Lab administrators are instrumental in providing public safety. Yet many administrators find themselves spending less time on tenprint and latent operations and more time on IT-related activities. Taking the journey to a cloud implementation allows agencies to refocus on their core business: biometric identification.
BCP subject matter experts have designed and implemented cloud ABIS solutions, and we have interviewed forensics and ABIS administrators and leaders about their cloud systems experience. Some of the key benefits of migrating your agency’s ABIS to the cloud include:
Predictable Budgets – Cloud solutions can be contracted more easily and typically operate on longer cycles (10 years for example). When the solution is in the cloud, agencies have more predictable yearly costs, including maintenance and solution updates. This typically results in reducing costly system changes and downtime that would impact an on-premise solution. A cloud solution may come with a higher monthly price tag, but it also comes with a stable budget and reduced facilities and IT costs to help balance the expense and provide peace of mind.
Reduced Costs – When an agency migrates their solutions to the cloud, significant savings can be realized by reducing the need for an expensive data center(s), on-premise physical security, on/off-site back-up routines, and the high cost, hard to hire staff that support that ecosystem. Investments in other areas may be needed, such as highly available and faster network demands; however, these investments are likely to be much less than the savings mentioned.
Robust Security – Government cloud vendors build their enterprise environment with the highest cybersecurity and threat mitigation configurations and standards. Expert cloud operations include staff dedicated to 24x7 incident protection, detection, and resolution. Cloud software solutions are also built, designed, and optimized for this highly secure cloud infrastructure, incorporating CJIS requirements. Dedication to physical and cybersecurity is a part of the cloud service.
CJIS Compliance – Agencies still own and control their data, but placing it in the cloud means it is it more cost effective and easier to adopt extremely advanced security while in transit, at rest, and in use. For example, Amazon Web Services (AWS) Key System Management achieves Federal Information Processing Standard (FIPS) 140-2 compliant encryption utilizing hardware security modules (HSMs) while still allowing customers to manage all encryption keys. In addition, AWS Nitro System offers a layer of security that focuses on eliminating system administration human error and tampering. Because of this design, CJIS audits are simplified with government cloud applications, security, and infrastructure.
Seamless Updates – Cloud solutions encourage software vendors to design core components (like ABIS matchers) to be easily updated and maintained without major disruptions to operations. Instead of focusing on building individualized updates for each customized on-premise ABIS solution, many updates are applied as generic building blocks that benefit all customers. When properly designed, cloud ABIS downtimes should be shorter and less frequent and your systems should be gaining functionality, bug fixes, and security enhancements. In addition, the cloud provider constantly updates a system’s cloud infrastructure and software. ABIS providers are also updating their core applications in the cloud more frequently.
Technology Refreshment – Upgrading an on-premise ABIS is a major disruption to any agency, with lengthy procurements and installations that cost lots of time and money. Such upgrades are challenging and costly and interfere with daily operations. Agencies’ desire for current technology loses out to daily operational demands, resulting in neglected technology, which then becomes outdated and obsolete. Such delays in upgrades can create a cascade of issues: CJIS compliance, security, downtime, hardware and software end-of-life, and performance issues. These all make it more challenging for the vendor to support your legacy solution in a timely and cost-effective manner. To fill this gap, many ABIS vendors’ cloud contracts incorporate periodic technology refreshments that help agencies avoid disruptive major upgrades.
Highly Available – A mission-critical system like an ABIS demands robust backups and layers of complex redundancy. An on-premise solution needs more hardware to achieve the same level of redundancy and system uptime. Cloud solutions are shared among many customers, while keeping agency specific software and data separated and protected. In addition, they are higher performance and more fault tolerant than many on-premise solutions. Business continuity can be easily achieved by utilizing a cloud provider’s variety of turn-key backup and disaster recovery solutions. It can be as simple as data being replicated to a secondary site (like a backup), allowing a recovery in hours or days, to a whole solution being synchronized with a recovery time in a few minutes, or even less.
Dynamic Scaling – Cloud architecture also has the capability to dynamically scale based on system resource demand, resulting in more cost savings. For example, you can now design a system for typical demand (at a lower daily rate), but when your agency has an event resulting in a larger demand of resources, the system includes the ability to dynamically scale (at a temporary higher rate), for that event, minimizing or eliminating performance impacts. In addition this technology brick makes it easier to modify your system’s use cases and capacity without a major system overhaul.
Please look out for a future blog article discussing some of the challenges identified by agencies who have implemented cloud-based ABIS.
