DND may contract out Information Technology jobs

[triniman]

DND may contract out Information Technology jobs.

Apparently, all Federal Depts were asked to look at cost-cutting and one of the areas DND came up with was Information Technology.  It's not clear if this will actually go through, or if it would affect military IT positions.

What are your thoughts regarding the possibility of DND replacing Federal civillian employees, CSs, with private contractors?

 

[pronto]

This was as a result of the expenditure review process as well as some others. I think it is a fine idea. They can save a boat-load of money, get better expertise in their specific areas of concern, and then "in-source" in about 5 years from the outsourced company. This is a very familiar paradigm in the industry today, and these periodic expansions and contractions allow companies and departments to shed the bloat and get rid of the deadwood.

Great idea, I supported it 16 weeks ago, and I support it now. The difficult thing will be to do the following:
   1. Spend some of the savings on DND instead of returing it to the Consolidated Revenue
   2. Save a wee bit over the next 5 years or so to assist in the "insourcing"

To do otherwise would be silly, and doom the proposition to dismal failure.  

 

[triniman]

Just wondering when you mentioned in-sourcing from the outsourced company.  Do you mean hiring CSs from the contracting company?

 

[pronto]

Yup. It is not at all uncommon for a government department to outsource parts (or even all) of its IT infrastructure and personnel to a firm (generally the lowest compliant bidder). Then over the next few years slowly build up the IT shop in the department, and when the oursourcing contract comes up for renewal - don't renew!

You can keep the ones you want in the first place, and hire in the ones from the outsourcing firm you want to have in-house.

There - you have gotten rid of your old shop, and built up a new one.

 

[McG]

I would imagine IT security issues would become quite complicated with an outside organization managing our internal computer networks.

 

[pronto]

Surprisingly enough - not really. There are a number of  Secure Options. I have been through just about all of them, and all are viable. For Public Safety and National Defense portfolios, I would not recommend out-sourcing IT services above a particular clearance level, but the majority CAN be outsourced.

 

[NCRCrow]

2000 more security clearances to process plus 5000 for the CDS's new army and the constant upgrades..........

CSIS and the MP's will be busy.

 

[pronto]

Hunh? Just outsource to pre-cleared companies. Not a burden at all.

 

[NCRCrow]

pre-cleared companies?

 

[pronto]

Sure, Companies and agencies already cleared through PWGSC, CSIS, RCMP or CSE. There are quite a few.

 

[Brad Sallows]

If one outsources to a pre-cleared company, does one continue to screen all their new hires and periodically review all their current employees, or does one implicitly outsource future security screening to the pre-cleared company?

 

[pronto]

Good Question. It depends. What is the level of infrastructure and services outsourced? If Protected A, B or C or otherwise, you need to conduct periodic Audits, full Audits, be involved in the screening, etc. etc. depending on what you outsourced.  Most organisations start with their non-protected infrastructure and services, and then migrate protected  at a later date or on a schedule.

Obviously decisions about air-gapped systems take a LONG time. You  typically don't outsource total responsibility for security clearances!

 

[mover1]

I say go for it. The whole deal sounds like a good idea. There is no difference to outsourcing for IT that there is on some of the maintenance work done on some Airframes and Vehicles. It works pretty well.

As for the security clearances no problem. The pre-cleared companies are at work all of the time. How do you think that CMTT's move everything from Bullets to Missiles to that mysterious top secret box from coast to coast day after day. Not by Military means that for sure. But by a series of pre-cleared companies.

 

[Brad Sallows]

Whatever fraction of my time I have ever spent thinking about ways to maintain security, I have always borne in mind the belief that those thinking about ways of subverting security approach it with monomaniacal dedication.  That is what one is up against.

 

[Acorn]

"Thinking about security" involves such a miniscule amount of time for most gov't departments that it can safely be said that they don't think about security.

The CF can be better, but is often just as bad as most other gov't departments. All too often "security" is gutted on the altar of "convenience." The high priests holding the heart up are usually in the upper levels of leadership (leading by example). Look at the CSIS "classified material in briefcase at hocky game" incident.

I've seen junior folks get their dicks nailed to the desk over leaving a document out overnight in a fairly secure facility. The horror stories about senior folks' attendance to Security Orders will remain in a safety-deposit box for a rainy day.

That being said, I know of companies that are rigorous about how they handle their security - but they're usually run by ex-military types.

Acorn

 

[wack-in-iraq]

i say go for it, as things here have shown it is the way things are going to be run from now on with the US military.  i think private contracting to the military is the way of the future.

 

[buzgo]

They already do this anyway, its not a big story. I used to have to deal with DTSES alot here in Ottawa, its all  30 year Captains and contractors. These are the people that design and implement the networks, set up all the satellite links and go out into the world and install systems. DLCSPM is the same way. The DWAN is run by contractors and CS types. I think Petawawa had ONE military guy working in the DWAN server farm... Most of the 'other' systems are all civilian run too...

The only place you really see military people doing IT stuff is with the C2IS systems in the field, and with deployed systems - whether they're DWAN or classfied domain or whatever. Even then though, there are civs out there... Camp Julien is a good example.