Email this Article Email   

CHIPS Articles: Updated Guidance on Use of Commercial Cloud Computing Services Released

Updated Guidance on Use of Commercial Cloud Computing Services Released
By DON CIO Communications Team - January 5, 2015
A Department of Defense Chief Information Officer memo published Dec. 15, 2014, significantly changed DoD CIO guidance on the acquisition and use of commercial cloud computing services. Per the memo, components may now acquire cloud services directly, without going through the Defense Information Systems Agency (DISA), if a business case analysis demonstrates that doing so results in better value. Components remain responsible for determining what data and missions are appropriate for hosting in commercial cloud services.

The memo, "Updated Guidance on the Acquisition and Use of Commercial Cloud Computing Services," also details how the Federal Risk Authorization and Management Program (FedRAMP) will serve as the minimum security baseline for all DoD cloud services. Per current policy, components may host unclassified DoD information that has been publicly released on FedRAMP approved cloud services. Sensitive data may only be hosted by cloud service providers that have appropriate provisional authority issued by DISA and must be connected to a commercial cloud environment through a DoD approved Cloud Access Point (CAP).

The DON is currently beginning commercial cloud pilots, which will assist in resolving important issues prior to implementation, such as determination of what systems and data are appropriate for hosting in commercial cloud spaces, and devising standard processes and rule sets for system owners and cloud service providers to follow. However, stakeholders are committed to finding resolutions as soon as possible. The DON CIO will provide further guidance on cloud services usage as lessons learned from pilots are incorporated into solutions and overall process details are worked out.

Updates enacted by this memo will be more thoroughly covered during a cloud computing session at the DON IT Conference, scheduled for Feb. 10-12 in San Diego, California.

Related CHIPS Articles
Related DON CIO News
Related DON CIO Policy

CHIPS is an official U.S. Navy website sponsored by the Department of the Navy (DON) Chief Information Officer, the Department of Defense Enterprise Software Initiative (ESI) and the DON's ESI Software Product Manager Team at Space and Naval Warfare Systems Center Pacific.

Online ISSN 2154-1779; Print ISSN 1047-9988
Hyperlink Disclaimer