Implementing the Cloud One Step at a Time by Frank Barret

The cloud: it’s a compelling option for safeguarding your agency’s data, and making the management of that data more efficient. But the prospect is daunting, and identifying an entry point to the cloud is a challenge.

MorphoTrak recently collaborated with the Microsoft Azure team to produce a case study about Morpho Cloud, a multi-biometric identification-as-a- service solution. As discussed in this case study (posted on the Microsoft website and the Morpho website), moving AFIS systems to the cloud brings tremendous benefits in flexibility, reliability, and scalability, and opens new possibilities for agencies. But despite these benefits, moving such mission critical systems completely off-premises might be too big an undertaking for some agencies. The good news is: you don’t have to move everything off-site. There are actually many other options by which agencies can benefit from a cloud-based service solution.

Take system backup for example. Is your agency bogged down with backup tapes? Do you have to ship dozens of backup tapes to a remote location to ensure reconstruction of your biometric identification system in case of a major disaster affecting your data center? It would be much better and safer to have an additional storage area network (SAN) in a distant data center connected through dark fiber (a dedicated fiber optic cable) to your main system. Better yet would be a secondary active biometric identification system in perfect sync with the primary system. There is no doubt these business continuity options have been considered, but with limited capital investment funding, these options are not always feasible. Yet law enforcement agencies need to be prepared for the next natural disaster that hits the data center and disrupts its mission critical operations.

With cloud technology, there is a cost-effective path to manage this gap in expectations and funding. There is no need to make any leap of faith because each incremental improvement relies on simple, well-established solutions and lays the groundwork for the next step.

Returning to our example, there are many inconveniences associated with tape backup and off-site storage. First, while the tapes are stored securely, the backup data is not readily accessible. Without a rigorous inventory, tracking capabilities, and an audit trail – keys to efficient identification and reconstruction of data during system recovery – data cannot be easily and fully recovered. Most noteworthy, system recovery is not immediate, as the data must be loaded in an orderly fashion, in a time consuming process. Alternatively, agencies can consider backing up to a disk locally , then “virtually shipping” the data to a Criminal Justice Information Services (CJIS)-compliant storage in the cloud. A SAN is not required for this strategy; a lower-cost network-attached storage (NAS) server can be used for the backup.

Bandwidth and security are, of course, key considerations in designing a cloud solution, and these issues are easily addressed with today’s technology. Regarding security, the data transfer can be secured using a site-to-site virtual private network (VPN), as well as backup encryption and digital signatures. These measures can render the data unusable in case of illegitimate access. Regarding bandwidth, there are solutions such as Microsoft Azure ExpressRoute that give fast, private access to the cloud, or a software defined wide area network (WAN) that can securely and privately aggregate multiple lines into a powerful, reliable, and secure connection.

To conclude, a simple backup in the cloud is an effective improvement to off-site storage of backup tapes. Once you’ve established backup storage in the cloud, solutions exist to go beyond that and implement a true AFIS disaster recovery in the cloud. We will cover AFIS disaster recovery in the cloud in another post.


Frank Barret, Director of Cloud Services
MorphoTrak, LLC

Sharon Rollins
Marketing Communications Manager
+1 714.238.2010
[email protected]

Thursday, January 7, 2016

C. Type: 

Blog entry