Microsoft-managing: Software maker strengthens its position at Homeland Security
- By Alice Lipowicz
- Apr 14, 2005
"It's not the technology. It's easy to bring systems together to share information, like they did with the old-fashioned party lines on the telephone. But the challenge is the governance. That's the biggest barrier to success." ? Tom Richey, Microsoft's vice president for the public sector
Rachael Golden/The Gazette
The Homeland Security Department soon will consolidate the e-mail systems of its 22 agencies, and it should surprise no one that Microsoft Corp.'s Outlook e-mail application is way ahead in the competition before it even begins.
Microsoft's e-mail is available on most of the desktops at the huge federal agency, an obvious advantage to winning the rest.
"As a department, we're pretty focused on Microsoft Outlook. I don't see at this point that we'd be going to an open-source e-mail," Lee Holcomb, chief technology officer for the department, said at the FOSE 2005 government technology trade show in Washington April 6.
Other large software companies, particularly Oracle Corp. and its database products, have a sizable presence at DHS as well. Even so, Microsoft's reach is broad, and it may expand further as the department's information technology is set to grow by 25 percent in 2006.
"One of the reasons I came to Microsoft is that I saw the critical role technology would play in achieving the goals of the National Response Plan," said Tom Richey, Microsoft's vice president for public sector since 2002.
Previously, Richey had been a career Coast Guard officer and commander who had worked under Adm. James Loy, who became deputy secretary of homeland security under former DHS Secretary Tom Ridge. The response plan, produced by the department, is the central strategy document for emergency response following major terrorist attacks and other disasters.
GAME PLAN IN PLACE
Microsoft's approach is to offer end-to-end solutions, working with partners and rarely as a prime contractor, Richey said. At present, Microsoft has a solid base at Homeland Security and appears positioned to take advantage of centralization trends at the department.
"In general, the more consolidation you see, the less variety, and that may work in Microsoft's favor at Homeland Security," said David Farber, professor of computer science at Carnegie Mellon University in Pittsburgh.
Centralization in IT management at the department "could benefit Microsoft," said Jesus Mena, author of "Data Mining Your Website."
Even so, to grow within the department, Microsoft faces challenges. Security holes in its browser software have been widely criticized, even by department officials. And there's been a recent boom of interest in Microsoft alternatives, including open-source computing.
Holcomb, who in a past position headed an open-source supercomputing project at NASA, said he's a fan of non-proprietary technology solutions created with publicly available computer code.
"I believe that when you can use open source, you'd want to take a look at it," Holcomb said. "In Web hosting, it's a very attractive option; we're using it, and we'll continue to use it."
Holcomb said that open-source products are competitive for servers and mainframe applications but not for desktop applications.
Microsoft rules the desktops at Homeland Security, but not without some controversy.
In October 2003, Microsoft was awarded a five-year, $90 million contract to provide desktop and server software to 140,000 desktops at Homeland Security, about three-quarters of the total. Department officials at the time said the standardization would reduce costs and increase efficiencies.
But the Computer & Communications Industry Association, a longtime critic of Microsoft and an advocate of open-source products in federal systems, opposed the deal. The association contended that relying on a single technology, such as the Windows operating system, creates a major security vulnerability for the nation.
"The lack of competition [with Microsoft] is disturbing," said Will Rodgers, a spokesman for the association. "Having one supplier dominate the landscape is inherently risky."
Microsoft's security problems have been gaining more attention. In June 2004, DHS' own Computer Emergency Readiness Team published a warning against Microsoft's Internet Explorer browser.
"Use a different Web browser," the team wrote in a Vulnerability Note posted on its public website. "There are a number of significant vulnerabilities in technologies relating to the Internet Explorer domain/zone security model."
Since that time, the team has issued updated bulletins recommending that users install Microsoft patches to fix problems.
To respond to the security concerns, Microsoft has stepped up its patching activities. In March, the company announced that the Air Force would join a select group of companies that would test Microsoft's new security patches before general release. The Homeland Security Department was negotiating to be included in the arrangement as well.
"All software is vulnerable," Richey said. "The better metric is, what is the speed to patch? In that test, Microsoft is doing very well."
EVERYONE IS VULNERABLE
Microsoft, with a $9 billion research budget that towers over its competitors, has become more aggressive in facing security vulnerabilities. Carnegie Mellon's Farber said vulnerability is not a critical flaw for Microsoft alone.
"Everyone is trying to fix the problem," Farber said. "Switching from Microsoft doesn't necessarily solve the problem, and it may create new problems."
The department's IT budget is slated to rise to $5.96 billion in fiscal 2006, a 25 percent increase, following a year of flat IT spending at the agency. Many of the programs receiving major hikes in funding aim toward integration and IT infrastructure, including work on the enterprise architecture, a new Office of Screening Coordination and Operations, Homeland Security Information Network and the Homeland Security Operations Center.
The information network's budget is scheduled to rise to $22 million in 2006, up from $9 million this year, and Microsoft may be a beneficiary. Microsoft's SharePoint server software is being used in the information network, which links the federal department with state and local emergency response agencies nationwide, Richey said.
Regional homeland security efforts also are using Microsoft products, including data networks created for the 2004 presidential debate in St. Louis, and Super Bowl XXXIX in Jacksonville, Fla. Microsoft is buying Groove Networks, whose products have been used in the Justice Regional Information Exchange System, a network linking law enforcement agencies.
Major challenges remain in information sharing, which is one of the chief reasons the department was created.
"It's not the technology. It's easy to bring systems together to share information, like they did with the old-fashioned party lines on the telephone," Richey said. "But the challenge is the governance. That's the biggest barrier to success."
Staff Writer Alice Lipowicz can be reached at firstname.lastname@example.org.
Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.