By Megan Poinski, Megan@MarylandReporter.com
(September 21, 2011)—Maryland state government is going to be moving to cloud-based e-mail, after a divided Board of Public Works approved a contract for up to $56 million with California-based SADA Systems on Wednesday.
With the new e-mail system, messages and other data will be stored remotely and accessed by secure Internet connections. This means that if a state employee can get on the Internet using any computer, he or she will be able to use e-mail. The contract also includes collaborative services, allowing items like documents to be stored securely online for different employees and officials to share, access and modify.
Board of Public Works members Gov. Martin O’Malley and Treasurer Nancy Kopp voted to approve the contract. Comptroller Peter Franchot opposed it because he was unsure of the benefits of spending so much money and leery about digital security issues.
The contract, which has initially been approved for five years and $18.7 million, has two five-year renewal options, making it potentially valid for 15 years, and costing the state up to $56 million.
Information Technology Secretary Elliot Schlanger said that the contract, which would consolidate 57 different departmental systems into one, would actually increase information security and save the state between $2 million and $3 million annually.
“From my perspective, we do not give up anything,” Schlanger said. “I think we gain a lot.”
Massive duplication
Schlanger said that the current state e-mail system – with 57 separate servers, programs, and technicians – is not optimal. There is massive duplication, with different agencies paying money to the same contractors to perform the same functions. Some of the equipment, hardware and software is antiquated and difficult to use. E-mail looks and functions differently when it is accessed from different locations. And there is no single government e-mail directory.
“Most modern e-mail systems today are one system,” Schlanger said.
Schlanger said that the state has talked about moving to a single cloud-based e-mail system for years, but did nothing about it. The impetus for the state to move now came from the Department of Health and Mental Hygiene, which approached Schlanger about using a grant to upgrade its old e-mail system. Schlanger said that instead of upgrading an old system to something else that won’t work well in the long run, it made more sense to comprehensively replace the old system, use the Health Department’s grant money in that effort, and roll out the system at DHMH first.
With many different systems all operating to do the same thing currently, Schlanger said that the state is actually more vulnerable to hackers. There are now 57 different entry points for people trying to steal the state’s data, he said. Under a single system, there will only be one.
Even though data will be stored remotely on the Internet, Schlanger said it will be extremely secure. The type of system that received the contract meets all of the standards set by the federal government to safeguard data and keep it safe.
“If it’s good enough for the feds, it’s good enough for the state,” Schlanger said.
Schlanger said that the cost savings have to do more with efficiency. There are no plans to cut any state jobs.
“I’m slightly embarrassed that it’s taken us so long to do this,” O’Malley said.
Security concerns worry Franchot
Franchot was far from sold on any aspect of the proposal. He said he understood why the state might want to move toward the utility of a single e-mail system, but had concerns about the cost savings and the security.
Franchot was especially cautious about any of his department’s data – which includes returns for taxpayers statewide – being part of this movement to an online server,
“My concern with being included in this is that you are opening up the possibility of creating a bigger problem for yourselves,” Franchot said. “It’s like allowing someone to get into Fort Knox by hacking into one site.”
Franchot referenced a recent incident where a hacker obtained codes to secure government information that the Norwegian government had online. The hacking has led the government to direct citizens to communicate with them using non-electronic channels.
Schlanger replied that hackers already try to break into Maryland’s web information thousands of times daily, and consolidating e-mail into one system will not increase the threat. Instead, the department needs to continue to be vigilant in ensuring site security.
Franchot said that he also wanted to be able to take more time to look at the analysis of the system and weigh the costs and benefits. Schlanger replied that the grant that will be used to jumpstart DHMH on the new system must be used by the end of October, so timing is crucial.