Information technology has never been the strength of the background investigations process. While many reform efforts have been tossed around for the past fifty years of the personnel security program (think things like timeliness, investigation quality and reciprocity), the inability of the government to adapt, improve and follow basic IT security principles is what lead to the Office of Personnel Management breach of more than 20 million security clearance records.
The breach was the result of a series of missteps, but the discovery that data had been left unencrypted – and remained unencrypted for some time following the breach – signals that problems aren’t just about having the right systems, but being able to follow basic information security best practices.
Now that the executive order to transfer the security clearance mission has finally been issued, attention turns to an equally critical aspect of the personnel security modernization effort – the National Background Information System (NBIS).
This week the Defense Information Security Agency and Defense Security Service announced the latest contract award in the effort to modernize background investigations technology. Perspecta was awarded a $75 million other transaction agreement to support the security clearance personnel vetting process and NBIS.
“The objective with this OTA is to integrate new bold and transformational approaches from the NBIS architecture and take the next step with technology to integrate and align other security missions,” said Terry Carpenter, program executive officer for NBIS, in a statement from DSS. “It complements the OTA awarded last June as we work to build a system that is agile and flexible that better enables the federal vetting enterprise for the whole of government.”
Getting Ready for NBIS
When the security clearance background investigation mission transfers to DoD control in October, there is something else that will be going with it – the legacy system currently used for security clearance case management. With NBIS not set for implementation until sometime in FY 2020, one of the first challenges the new Defense Counterintelligence Security Agency (DCSA) will face is the need to ensure cases move forward and that IT doesn’t once again become the straw that breaks the security clearance process’ back.
When it comes to the improvements expected to be ushered in by NBIS, DSS highlights enhanced data analytics including machine learning and natural language processing, additional vetting capabilities powered by DevSecOps, automation, and operating processes in a “secure government cloud environment.”
It sounds impressive (and it is), but it tends to overshadow the fact that the current case management system is so antiquated, when it comes to simple advancements to improve the process, things like autofill and the ability to detect missing or inaccurate data will have a significant impact on improving the case management that has been in use over the past decade. Last summer a ClearanceJobs contributor offered up six tips for improving the case management system, then seen as the oft forgotten but critical piece to improving security clearance processing times and increasing the quality of vetting.
This week’s contract announcement is the latest step in an ongoing effort to overhaul the security clearance process. With NBIB making progress on the backlog and starting to make a dent into processing times, NBIS will soon be the crux the rest of the process will need to stand on to truly see improvements in the vetting and personnel security mission.