Email this Article Email   

CHIPS Articles: Cloud Computing Solutions Make Great Strides in the DON and DoD

Cloud Computing Solutions Make Great Strides in the DON and DoD
Department of the Navy issues cloud computing policy
By Heather Rutherford - July-September 2013
The long-awaited promise of cloud computing for the Department of Defense is approaching at a rapid pace. In less than a year since the DoD Chief Information Officer Teri Takai designated the Defense Information Systems Agency as the cloud broker for the department, DISA has achieved a seminal milestone by obtaining initial operational capability (IOC).

According to a DISA press release dated April 16, the DoD CIO is committed to accelerating the adoption of cloud computing within the department, and reaching IOC means the agency has the framework in place for executing this mission. Additionally, DISA has established a process for gathering and assessing mission partner requirements, evaluation criteria for service offerings to include recommended contract requirements, criteria for matching mission partner requirements to the appropriate offerings, an enterprise cloud service catalog, and a cloud security model.

Benefits

In the commercial world, the widely touted benefits of cloud computing include reduced spending, streamlined processes, improved accessibility and greater flexibility, among other things.

The benefits to the Defense Department are much the same as the commercial world, but discussed in terms of mission. According to DISA, cloud computing will not only meet Joint Information Environment objectives, but also deliver enhanced mission effectiveness and improved operational efficiencies which will enable the DoD to consolidate and share commodity IT functions, resulting in a more efficient use of resources. The DoD Cloud Computing Strategy will move the department from the current state of a duplicative, cumbersome, and costly set of application silos to an end state which is an agile, secure and cost-effective service environment that can rapidly respond to changing mission needs. The DoD CIO is committed to accelerating the adoption of cloud computing within the department and to providing a secure, resilient enterprise cloud environment through an alignment with departmentwide IT efficiency initiatives, federal data center consolidation and cloud computing efforts.

Cybersecurity

DISA has performed cybersecurity assessments of two commercial cloud services that have been granted Federal Risk and Authorization Management Program (FedRAMP) Joint Authorization Board Provisional Authorizations, but has not yet named the providers. DISA said that announcement of the approval of these commercial cloud services for information approved for public release is imminent, pending community approval of the associated assessment processes. In the meantime, the agency continues to conduct security assessments to expand alternatives for future cloud service offerings.

Responsibilities

As cloud broker, it is DISA’s responsibility to facilitate contracting and acquisition by developing model contract language that supports implementation of the cloud security model and appropriate use of commercial cloud services. DISA is currently developing the model contract language to make it easier for mission partners to ensure they have considered all the appropriate areas when they contract for cloud services.

In the coming months, DISA plans to further automate the cloud service request process, incorporate new offerings into the service catalog, and enhance the security model to further accommodate mission partner requirements.

DoD Cloud Computing and Google

In February, DISA and Google signed a Cooperative Research and Development Agreement (CRADA) to explore ways for DoD users to securely authenticate to commercial cloud service providers.

"The results of the CRADA are going to play a major role in our cloud strategy going forward," said Deputy CTO for Enterprise Services Jack Wilmer. "The resulting Authentication Gateway Service will be critical to connecting DoD users to commercial cloud services while maintaining security through CAC logon. While the current Google pilot is scheduled to end on 30 September, this is laying the groundwork for many future cloud services."

DISA is also using the Google pilot to explore and validate next generation approaches to cloud-based email that can work with DISA's existing Defense Enterprise Computing Center (DECC) hosted Defense Enterprise Emails (DEE) service.

"The DISA-Google CRADA work is a necessary precursor activity that if successful would allow DISA to bring competitive commercial ‘cloud-based’ e-mail providers into the DEE Service Offering," said DISA Vice Director Rear Adm. David Simpson. "The goal would be to provide for a portion of the DEE user communities' e-mail requirements with lowest cost, technically acceptable service providers whose security is commensurate with organizational and individual assigned missions for the designated DEE users. The target implementation would integrate lower cost offerings into the Single E-mail Enterprise in a manner that continues to utilize one directory service for the entire DoD and seamless collaboration between commercial and DoD hosted DEE environments," Simpson said.

The Department of the Navy Issues Cloud Computing Strategy

In April, the DON CIO Terry Halvorsen announced that the DON Secretariat took the innovative first steps of moving unclassified data to a commercial hosting environment. The Secretary of the Navy’s public-facing information portal is now hosted in the Amazon Web Services cloud. The decision to host the data on a public Web server resulted from an analysis of several factors, including the type of data stored in the portal, the ease of access due to significantly faster response times, security and cost.

The DON first considered a government site to host the portal, but found that commercial sites are less expensive. Further, congressional guidance requires the department to evaluate and select commercially provided services that meet security standards and are less expensive than what it costs to perform those services internally. As a result, the DON has achieved a 50 percent reduction in cost to operate the portal.

The Amazon option is the first case of the DON placing low-risk, public-facing data on a commercial server to save money. The department will continue to explore similar savings opportunities.

DON’s Cloud Computing Policy

If a more cost-effective DoD solution becomes available, the DON’s use of a commercial server for cloud computing is subject to change.

As of right now, the DON CIO plans to use the DON’s initial implementations of commercial and governmental cloud hosting services to define the DON security documentation, certification standards and processes unique to cloud systems while searching for cost-savings. More specifically, in the Update to the DON Approach to Cloud Computing strategy, issued in June, the policy states that, pending further guidance from the DoD CIO, the DON Deputy CIO (Navy) and DON Deputy CIO (Marine Corps) will proceed as follows:

  • Ensure all systems are properly certified and formally approved by the appropriate Designated Approval Authority, and required entries are made in the DON IT Portfolio Repository (DITPR-DON) and DON Applications and Database Management System (DADMS);
  • Utilize the Broker to identify and vet commercial cloud service providers to host low impact systems and mission functions at lower costs than in government-owned and operated facilities;
  • Analyze alternatives to identify the most cost-effective hosting environment for medium impact systems. The analysis will evaluate commercial, federal and DoD solutions; and
  • To assist the broker with accurately capturing requirements, categorize data as impact levels 1-6 using the Cloud Security Model.

FOR MORE INFORMATION

DON Approach to Cloud Computing

http://www.doncio.navy.mil/ContentView.aspx?id=4695

Secretary of the Navy Ray Mabus greets Cmdr. Joseph Ring, commanding officer of the guided-missile destroyer USS Mustin (DDG 89) during a visit aboard Mustin during a trip to East Asia. Mabus uses Amazon cloud services for his public-facing website. U.S. Navy photo by Culinary Specialist 2nd Class Fidel Hart.
Secretary of the Navy Ray Mabus greets Cmdr. Joseph Ring, commanding officer of the guided-missile destroyer USS Mustin (DDG 89) during a visit aboard Mustin during a trip to East Asia. Mabus uses Amazon cloud services for his public-facing website. U.S. Navy photo by Culinary Specialist 2nd Class Fidel Hart.
Related CHIPS Articles
Related DON CIO News
Related DON CIO Policy

CHIPS is an official U.S. Navy website sponsored by the Department of the Navy (DON) Chief Information Officer, the Department of Defense Enterprise Software Initiative (ESI) and the DON's ESI Software Product Manager Team at Space and Naval Warfare Systems Center Pacific.

Online ISSN 2154-1779; Print ISSN 1047-9988
Hyperlink Disclaimer