Information Technology Development in the

Government of Canada Shared Services Canada: Overview

Border Commercial Consultative Committee

Canada Border Services Agency

February 12, 2014

EDRM # 1906101

2

Shared Services Canada was

formed to consolidate and

streamline the delivery of IT

infrastructure services,

specifically email, data centre

and network services. Our

mandate is to do this so that

federal organizations and their

stakeholders have access to

reliable, efficient and secure IT

infrastructure services at the

best possible value.

SSC will Innovate, ensure full Value for Money and achieve Service Excellence !

Service to

Canadians

Departmental

Programs

SSC

Services

Shared Services Canada – Our Mandate

The Case for Change

August 4, 2011 Mandated to deliver email, data centre and network / telecom services to 43 Government of Canada institutions representing 95% of the federal IT infrastructure spending

November 2011 Budgets, people, assets and contracts transferred to SSC

April 1, 2012 Full accountability for the infrastructure

June 29, 2012 Shared Services Canada Act, Royal Assent

April 4, 2013 Order-in-Council giving SSC authority for the procurement of hardware and software for end-user devices

63 email systems in place across the 43

organizations serviced by SSC

485 individual data centres

50 distinct wide area networks

12 Cyber Information Protection Centres

2,100 different mission-critical

systems supported by the

government’s IT infrastructure

7X increase in storage capacity 4X increase in bandwidth

3

4

Maintain service levels at, or above, those experienced prior to the establishment of Shared Services Canada

Ensure required levels of security for infrastructure and data are maintained or enhanced

Continue to be mindful of the special requirements of the border services community as they relate to officer safety, integrity of data, and robustness of the infrastructure

Continue to work closely with CBSA to understand and respond to the needs of the border services community

SSC Objectives

A Year in Review

EMAIL • Completed the procurement process with

industry

• June 25, 2013: contract awarded to Bell and

CGI Systems

• All Government of Canada Email to be

transformed by March 2015

• June 2013: Cabinet support for Transformation Plan

• Developed consensus between SSC and industry on

fundamental directions on technology and service orientation

• Centre de données de l’Ouest du Québec: created horizontal

teams across SSC; now open for business!

• June 2013: Cabinet support for

Transformation Plan

• Implemented Government Enterprise

Network Services in 130 buildings

• Government of Canada - Security Operations Centre

created

• Government of Canada Secret Infrastructure (GCSI)

initiative launched

• Reducing and limiting Internet access points

DATA CENTRES

TELECOMMUNICATIONS

CYBER AND IT SECURITY

• One-year interim agreement with

Microsoft

WORKPLACE

TECHNOLOGY DEVICES

5

Benefits to SSC Partners

Aligning with government-wide priorities

Workplace 2.0 · Blueprint 2020 · Open Government

• Fewer IT system failures following data centre consolidation

• Network streamlining will increase bandwidth and transmission capacity for “Big Data”

• Greater availability of videoconferencing

• Improved service delivery to Canadians

SERVICE

• High quality infrastructure that is secure

• More reliable and more secure voice, data and video networks

• Secure, fast and reliable exchange and sharing of information on common email system

SECURITY

• Reducing costs through standardization and consolidation

• Avoiding future costs by renewing aging IT

• Greener operations by consolidating data centres

• Improved workplace productivity

SAVINGS

6

7

Cyber Threats

Target End State – Enterprise Data Centres

Target end state:

Streamlined networks

• Connecting 377 000

public servants to each

other and to Canadians

• Linking 3 580 GC-

occupied buildings

Key components include:

• Single enterprise-wide

network with enhanced

capacity and robustness

• Ultra high-speed, no fail

connectivity between

data centres

• Greater, more secure

Internet connectivity

• Streamlined and wireless

telecom infrastructure

inside buildings

• Voice services (VoIP)

(wired and wireless)

• More desktop

videoconferencing

services

• Contact Centre

Infrastructure Services

• Enhanced security

through consolidated

security services and

increased perimeter

security

GC Network Regional and International Carriers

(377 000 users; 3,580 buildings)

Internet

Public Servants GC Offices

Businesses Governments

Canadians

Virtual Private Cloud

Development

Sensitive Data Enclaves

Allies (+International)

Business Continuity

Supercomputer

Production Production

Target end state:

Seven data centres

• Established in pairs for

redundancy

• Mostly private sector-

owned

• Most outside of the

National Capital Region

First pair: Development

data centres

• GC-owned Macdonald-

Cartier in Ottawa

• Bell Canada in Gatineau

Second pair: First set of

production data centres

• GC-owned facility on the

Canadian Forces Base

(CFB) Borden

• Site located within 100 km

of Borden

Third pair: Second set of

production data centres

• If required (to be

confirmed)

• Located outside of NCR

and ON

Specialized

supercomputing facility

Enh

an

ced

En

terp

rise

Sec

uri

ty

8

Target End State – IT Security

IT security controls based on ITSG-33 (Technical, Operational and Management) incorporated as part of end-to-end IT service management of target end state GC IT services

TARGET END STATE

• SSC Support for CBSA Initiatives Beyond the Border

Postal Modernization Initiative

eManifest

• Integrated Partner Planning Identify objectives and plans for the coming years

Look for synergies and resolve issues

• Business Intake Working Group Set priorities and requirements

Define roles and service expectations

• ADM-level Meetings Review and resolve issues

Share strategies

Review progress

Both organizations are

committed to sharing

business plans, risks and

mitigation strategies,

expectations and

challenges.

The CBSA & SSC Relationship

9

10

No change to data ownership – CBSA continues to own the data, SSC delivers and supports the infrastructure

Data centre transformation will allow for enhanced disaster recovery, modern

security, standardized cyber protection against internal and external threats, increased breadth of supporting resources and strict change management

A single, enterprise network brings improved performance and high

redundancy between data centres

Improved perimeter security means reduced potential for malicious or

accidental security incidents

Consolidation of data centres will improve ability to implement changes and

apply industry best practices

Standards for videoconferencing will improve availability and usefulness

Benefits of this Approach

11

Security architecture developed to ensure adequate protection of all data sources

IT operations, functions, procedures and security controls designed (and segregated) to ensure data integrity

SSC staff security clearances will be aligned with authority boundaries and consistent with CBSA standards Required security clearance levels will be respected

Physical consolidation of facilities to be determined in bilateral discussions

Purpose-built, restricted access, Level IV SSC data centres will ultimately provide better access control and information protection The latest biometric scanners will be used to control access

Network, access and storage security layers will each have their own robust security measures

Data will be encrypted

Protecting the Integrity of Enforcement Data

Blueprint 2020 – Living the Vision

12

A modern workplace that

makes smart use of new

technologies

A capable, confident and

high performing workforce

An open and networked environment

A whole of government approach

Questions and Comments

13

Thank you!