News out of Los Angeles this week was anything but a Christmas present for Google and Computer Science Corporation (CSC). After two years of planning for and trialing Google Apps, the LA Police Department (LAPD) dropped its plans to use the cloud platform for e-mail, word processing and other components because, according to the LAPD, it did not meet FBI security standards.
The change of heart represents the loss of a $7.25 million contract.
It is not a stretch to say that in the rejection of Google’s cloud platform, SaaS (Software as a Service) also took it on the chin.
The trouble began back in September 2009 when Google Apps, along with systems integrator CSC, beat out Microsoft Office for the lucrative deal. The migration from Novell’s GroupWise e-mail servers was to be managed by CSC.
By October of 2009 there was trouble. According to a supplemental report on contract activity, the City of Los Angeles had asked whether security issues -- specifically, how confidential law enforcement data was going to be protected -- raised in a prior report were resolved.
Originally, Google promised that additional layers of encryption would be added to e-mail and other apps. But this proved unacceptable to the California Department of Justice. In response, Google offered a new idea it termed "Gov Cloud," a proposal to store “sensitive government data” in dedicated facilities within the “continental United States
I suppose otherwise the LAPD could be accused of outsourcing.
However, everything came to nothing when CSC finally threw in the towel this year, submitting a letter to the City “indicating its inability to meet the security requirement of the City and LAPD for all data and information” pursuant to the FBI’s Criminal Justice Information Systems (CJIS) requirements.
CJIS requirements are the de facto standard for law enforcement simply because the FBI will not authorize any local or state law enforcement agency to access its databases unless they comply with CJIS.
As noted in the City of Los Angeles memo dated Dec. 9, 2011, CSC admitted it did not have the technical ability to comply with CJIS requirements, adding that those requirements are “not currently compatible with cloud computing.”
And that remains an ongoing battle. We’ll have to wait and see who blinks first. Will the Feds ease up on their requirements or will SaaS providers figure out a way around the challenge?
But for the moment Google and CSC are the real losers. Although every clause in the final agreement to part ways is pure entertainment, this clause is my very favorite:
“CSC will not seek reimbursement of the $250,000 advance intended as an incentive for the City to encourage other government users to adopt Google.”
It puts the lie to the idea that career government employees don’t know anything about business negotiations.