Saturday, February 08, 2003

THE DECENTRALIZED ASPECT OF CONTINUITY OF GOVERNMENT: I watched the replay of Governor Ridge's press conference last evening where they raised the national terrorist threat level to orange. It brought to mind a conference I spoke at several months ago which was hosted by the Software Productivity Consortium in Dulles, VA where the focus of discussion was on "Secure Collaboration Across Organizations". The conference was attended by some of the best and brightest from government and private industry. While collaboration in the private sector was addressed, the primary conversation was around government and how to insure "continuity of government/business/economy" through collaboration in an age when we are dealing with highly decentralized enemies. The experience was incredibly bi-polar when it came to conventional wisdom around how we secure collaborative interactions.  Those from the private sector were rabid in their view of pouring concrete, and lots of it, around organizations by locking the comms links down, NOW. The dichotomy, interestingly enough, came from some of the folks in government who were suggesting really smart security at the app layer, riding on highly unintelligent, commodity networks. This schism was front-and-center in my thoughts last night as Ridge described the key activities that essential government agencies would need to plan for. The two that concerned me the most were protective measures that ordered all to, "prepare to execute contingency procedures, such as moving to an alternate site, or dispersing the workforce" and "restrict access to threatened facilities to essential personnel only." If networks become absolute silos, how do we accomplish the operational requirements and drive decision superiority when our decision-makers are now geographically dispersed? One thing is for sure: Continuity of government will require absolute mobility in the technical platforms that support the cause. And there is no way that we can predict all of the variations of the dispersion of decision makers. Some may operate out of hotels. Some may connect to a WIFI network at Starbucks, while others may use 9600-baud sat-phones.  Many worst case scenarios suggest connectivity wherever one can get it. I used to worry a lot about the centricity of server-based, single-point-of-failure applications as they make irresistible targets. The question I struggled with last night was this: Will "concrete" around government and industry data communications infrastructures inhibit our ability to connect and make informed decisions during a time of crisis? I fear the answer will be yes. IMHO, securing the app layer and leveraging ubiquitous communications infrastructure is the only answer to this problem.  This was one of Groove's primary architectural decisions four years ago. 3:19:20 PM

ONE INCH OF SNOW: Just finished digging out from Friday's forecasted "one-inch of snow".  There's a mound next to my driveway that is over three-feet tall!  We had over 12 inches here on the north shore. 2:37:23 PM