DoD to issue commercial cloud policy directive

August 24, 2011

The Department of Defense will soon issue a commercial cloud computing policy, according to agency chief information officer Teri Takai.

“We’re going to be moving in many cases toward a private cloud construct, but we’re thinking about the possibilities for commercial cloud,” Takai told an audience at the annual Defense Information Systems Agency conference, according to Information Week. “One of the things my office is working on is, as we move toward commercial cloud, what does that mean and what do we need from a DoD perspective.”

Takai didn’t give any more details on the actual release of the policy.

Takai also discussed the Army’s new enterprise email system and what it means for other branches of the military. The Army’s system is built in the Defense Information Systems Agency’s private cloud. She said she would like to see others use it if they see value in it.

“Remember that enterprise email doesn’t necessarily mean that everybody goes to DISA. We have to get to a common identity management structure, we have to get to a common directory structure, we have to be able to collaborate. That’s really the infrastructure that’s critical here. We’re working with the Navy right now to say, ‘What does that look like for Navy?’ My preference is to work through the technical details to get to our end objective, because when you do that, you don’t have to dictate. Otherwise, if I dictated something, I’m going to be the bad guy every time somebody’s BlackBerry doesn’t work. That doesn’t get you to the end objective.”


This week in the cloud

August 18, 2011

Two big stories this week in the cloud computing arena being covered by Federal News Radio.

Two firms protest GSA’s email cloud RFP

The General Services Administration’s $2.5 billion email-as-a-service contract is under protest. The two vendors filing the pre-solicitation protests said GSA’s requirement to have a government-only cloud is a “restrictive specification” and therefore not allowed under federal acquisition rules. Federal News Radio’s Jason Miller reports GSA is continuing to evaluate offers while it waits for a decision by the Government Accountability Office, which is expected by Oct. 17.

Army cloud email a ‘pathfinder’ to enterprise services

After being on hold for the past month, the Army on Tuesday resumed the migration of its 1.4 million email users around the world to the cloud. Federal News Radio’s Jared Serbu reports, Army leaders are now aiming to have the entire migration completed by March of next year. The Army sees this as its starting point for greater use of the cloud. Once the email migration is complete, Mike Krieger, the Army’s deputy chief information officer, said his agency plans a new wave of enterprise services enabled by a more unified network, including collaboration tools in the cloud.

DoD, HUD, Interior ramp up cloud usage

July 13, 2011

Agencies across the federal government are increasing their use of the cloud. Over the past week, Federal News Radio has covered several agencies moving in that direction including Defense, Interior, and Housing and Urban Development.

The Defense Contract Management Agency told Federal News Radio’s Jason Miller moving to zero client computers is one of its top priorities. Jacob Haynes, DCMA’s chief information officer, said it’s the next step beyond thin client computers.

“A zero client device is the size of a small book and it sits on the desk and you plug all peripherals in to it, instead of having a hard drive or CD-ROM drive, all the things that forces mass in regular computers is done in the cloud,” he said. “That includes the storage, the computing power and anything else. The device is just there messaging.”

At the same time, the Interior Department announced its plans to transform its IT infrastructure. Interior says the four-year project will save $500 million from 2016-2020. Part of those money-saving efforts come in the form of cloud utilization, according to a separate report from Miller.

“We currently manage 13 stand-alone email systems at DOI, a result of the dispersed nature of the agency and a legacy of piecemeal development of IT at the bureau level,” agency CIO Bernard Mazer wrote in a blog. “We are in the process of consolidating these systems into a unified, cloud-based email service that will support 85,000 users across DOI. will also be moving to a cloud platform in order to better accommodate the five-million visitors per year who use the site. Of course, both of these initiatives will lead to cost savings, but the cloud also promises better service, such as guaranteed 99.9 percent uptime for both projects.”

After outsourcing much of its network infrastructure, HUD says it now wants to put it in the cloud.

“What is not there in a managed services contract is the business model of cloud. We do not have the elasticity. Prices do not go down when we use less,” Chief Technology Officer Mark Day said at a recent conference. “Managed services is what you might consider the high water mark price. If we ever bought that much of the infrastructure, we pay for that much of the infrastructure. In a cloud, you go up and down as your needs change. That is really what we are doing. It’s not a technical move for us. It’s a business model move in the procurement realm.”

DoD doesn’t rule out commercial cloud vendors

April 12, 2011

When it comes to using the cloud, Defense Department chief information officer Teri Takai says a private cloud will help her department achieve the highest level of security. But she didn’t rule out using commercial cloud services completely.

During a House Armed Services Subcommittee on Emerging Threats and Capabilities hearing last week, NextGov reports Takai said, “There will be instances where we [can] use commercial cloud providers…[if] they meet our standards.”

According to NextGov, Takai did not specify which types of cloud services DoD would consider purchasing from commercial vendors.

Cyber Command, NSA tout benefits of cloud computing

March 29, 2011

The head of U.S. Cyber Command says cloud computing is part of his plan for staying ahead of the cyber threats that face the Defense Department.

“A year from now we should be well on our way to having a hardened architecture proven and in place, which provides a new level of cybersecurity,” said General Keith Alexander.

“The idea is to reduce vulnerabilities inherent in the current architecture and to exploit the advantages of ‘cloud’ computing and thin-client networks, moving the programs and the data that users need away from the thousands of desktops we now use – each of which has to be individually secured for just one of our three major architectures (NIPRNet, SIPRNet, and JWICS) – up to a centralized configuration that will give us wider availability of applications and data combined with tighter control over accesses and vulnerabilities and more timely mitigation of the latter.”

Alexander testified about the use of cloud computing at a House Armed Services subcommittee hearing last week.

He told the Committee use of the cloud will help reduce DoD’s IT costs. Alexander also addressed the issue of cloud security.

“This architecture would seem at first glance to be vulnerable to insider threats – indeed, no system that human beings use can be made immune to abuse – but we are convinced the controls and tools that will be built into the cloud will ensure that people cannot see any data beyond what they need for their jobs and will be swiftly identified if they make unauthorized attempts to access data.”

Debora Plunkett, director of the National Security Agency’s Information Assurance Directorate, agrees with Alexander’s statements. She tells NextGov cloud computing is “the IT architecture of the future.”

Both believe the use of the cloud will help streamline the way their agencies operate.

“The idea is to transform the Department of Defense’s information systems from something to be passively guarded into a suite of capabilities that offer our commanders and senior leaders opportunities to adjust our defenses,” Alexander said during the hearing. “If people who seek to harm us in cyberspace learn that doing so is costly and difficult, we believe we will see their patterns of behavior change.”

Cloud fosters collaborative decision making

June 24, 2010

Ever had trouble making a decision and didn’t know what to do?

Well, cloud computing is fostering a new way of thinking called collaborate decision making.

Decision Lens is one company that’s doing this in the area — and with the federal government.

Today, Fed Cloud Blog talks with John Saaty, the company’s CEO, who explains how they bring companies and agencies together to facilitate decision making.

JS: We have a web-based, software-as-a-service product and there are certain federal agencies [where] the hosting of data is fairly sensitive to them — who’s hosting it and how it’s being accessed and things like that.

So, I would say, where cloud computing is right now — it’s really a hybrid, depending on the level of importance of the data. Sometimes we host it at our data centers . . . which are out in Ashburn, Virginia, [and] other times we actually deploy the entire web application right inside their network and they’re managing their own cloud.

It’s really kind of in between right now.

We are seeing some common hosting centers that are approved by the government that are starting to host all these different applications for different agencies. So, they’re starting to kind of corral around that kind of a concept — with an approved hosting center.

FCB: One of the biggest issues with cloud computing — and why some agencies are apprehensive about doing it — is because of security issues. If your data is not in your office or on your PC, who knows what’s going on with it? Talk a little about some of the broader implications of cloud computing and security. Have you some people changing their minds about cloud computing?

JS: I think you have to always weigh the costs versus the benefits, and the potential risks versus the upside and the opportunity of using cloud computing.

Cloud computing platforms are much easier to manage, much easier to deploy. The data is all residing in one area that is in the cloud that you can actually control a lot more effectively than if you are trying to manage desktops or laptops all over the organization.

So, I think that the biggest risk is between the person’s computer and the actual center and what happens to that data over those lines, but there are new types of encryption technologies that are making the transport of data very robust, very effective.

We actually use those at Decision Lens. I think, over time, as people start to experience it more and more that those type of concerns are outweighed by the benefits of hosting everything in the cloud.

FCB: What do you think is happening in terms of the onus of owning up to a [security breech]? Do you see it as more of the federal agency or the organization having to do their research, or do you see it as the onus lying completely on the person who’s hosting the data?

JS: That’s a good question. I think the onus is absolutely on the organization hosting the data, but something that happens — so, for example, we go through data audits all the time by our customers. Fortune 500 companies will do a complete end-to-end audit of how our data is handled — everything from the hosting center to our office locations to how we secure things, the different password types that we use.

I think it’s a little bit of both.

On the end of the company’s providing the service that it really benefits to have already thought through all of that information and provide it right up front in the buying process. We do that. We have something called a Technical Services and Security Handbook, and that goes to any client who’s going to be accessing our software to explain to them all the different processes, procedures, systems, security that we use — it’s been audited, here’s the results of the audit — so that they can be comfortable with how we’re handling the information.

FCB: Let’s talk a little bit about the work you do with the federal government. I understand you do work with DoD’s Operationally Responsive Space. First, explain what that is and then how you’re working with them.

JS: It’s a very interesting office.

A couple of years ago, when space became open season for conflict between countries, what we realized was — the Chinese actually ran a test on blowing up a satellite — that if our satellites are taken out, typically the cycle time to get a new satellite in space is anywhere from three to five years.

So, if all of a sudden a variety of our satellites were taken out by an enemy of some sort, we’re going to be blind in the skies for a long period of time. So, the ORS — the Operationally Responsive Space organization was created to innovate how satellites and space assets are deployed — try to bring it from three to five years to roughly two weeks. They want to get new assets in place up in space in two weeks.

It requires a completely new way of thinking, where you’re using technologies that are known and maybe are assembling them in new and innovative ways to really move that cycle time up.

So, we actually work with them — without going into too much detail — they use Decision Lens to collaboratively decide on vendors that can provide them systems for satellite deployment. So — who are the most advanced companies in the space that can help provide either new technologies or delivery vehicles for them to get these things into space much more quickly than its ever been done before.

FCB: Without, again, going into too much detail . . . is this a process where you sit in an office with someone, or do you telecommute?

JS: Collaborate decision making — there’s two ways that it happens: either in meeting rooms where people have keypads and we’re actually facilitating a session where we’re talking about what the important criteria are for the judgement.

So, for example, if you were going to be selecting a car for yourself, criteria would be things like performance, style, safety, mileage — and then you would go and evaluate the alternatives — how do these different cars perform against the criteria that I’ve selected

So, we do that in a collaborative way in meetings, or we also . . . run collaborative decision sessions [on] the web where everyone’s participating live at the same time.

Next week — more with Decision Lens!

USAF looking at ROI on cloud computing

January 20, 2010

When it comes to cloud computing, where is the U.S. Air Force?

Fed Cloud Blog answers this question by talking with USAF chief information officer Lt. Gen. Bill Lord.

“We’re determining the return on investment right now and have already signed up to be partners with DISA. DISA is evaluating their rates to make sure their rates are as competitive as everybody else’s rates are in the commercial space. Then there’s a policy thing that we have to consider about where we’re permitted to allow DoD data to reside. So, we’re in the process of harmonizing those things so we can step out on it.”

Gen. Lord said the policy is generally around data and storage, and is not necessarily specific to the cloud, though cloud computing certainly applies.

“It’s generally around storage and data warehousing. Do we own the facility? Can we control the facility? Do we need to own the facility? In my personal opinion, there are plenty of very well-run commercial data storage locations that we could be well served by. So, we’re looking at those to make sure we’re getting the best return for the taxpayer dollars.”

He added that he doesn’t foresee a private cloud for the USAF at this point; rather, his branch would operate in conjunction with DISA.

“It would be in concert with the DISA cloud. So, there might be a public piece of that, but then then there might be our piece inside DoD cloud.”

As far as benefits, Gen. Lord says there are many.

“I think with with the virtualization that you get, quite frankly there are some wonderful green benefits, some COOP benefits that I think you can get by having your data all spread out — not all in the same location. So, I view it mostly on the positive side. Clearly we have to make sure that we’re comfortable with the security aspect of breaking all this stuff apart and then being able to put it back together and not having things change, but I think, for the most part, that technology is available.”

The USAF is looking at working more on cloud within the next six to nine months.

For more, check out Federal News Radio’s Ask the CIO.

And in other cloud news on Federal News Radio . . .

On In Depth, host Francis Rose spoke with former Deputy Assistant Secretary of Defense Steven Bucci about how to buy into the cloud while staying secure.

On the Federal Drive, hosts Tom Temin and Jane Norris talked with Phil Bond, president Tech America, about fallout from the China/Google dispute.