How DISA is using secure clouds

Security is always a concern, but nowhere is it more important than at a place like the Defense Information Systems Agency.

Henry Sienkiewicz, chief information officer at DISA and tells us all about how they’re using secure clouds at his agency.

FCB: DISA runs RACE. It runs forge.mil, which was just used by the Army for its Apps for the Army program. What does the future hold?

HS: We actually just see a continual growth and emphasis on this. We, as an organization, have completely embraced the idea of agile dynamic provisioning — secure, scalable, elastic — I don’t want to keep using all of those buzz words, because I think, at times, we have all been Power Pointed to death, but using partnerships like Apps for the Army, has been able to allow us to recraft this as a market offering.

We internally learned a lot of lessons. We learned lessons about private code branding so that we were able to give the Army their own portal. We learned lessons about allowing middleware applications. I think you’re going to still see those other partnerships, or you’re going to see partnerships with organizations that are also pushing this envelope, like Transcom — where [leaders] are creating things like the Knowledge Management Lab out at Scott Air Force Base that are really embracing the exact same principles.

So, you’re going to see us having that continued emphasis on innovative service delivery — RACE, forge.mil. Also, when you look across that entire stack of cloud computing — global content delivery system — we’re just seeing more and more adoption of that. The 56 nodes are up and running and we’re adding more products every day. We’re working on things like enterprise recursive services.

You’re still seeing DISA looking across the entire stack and using [NIST’s] definition of the cloud for platform and infrastructure applications and software. You’re seeing a concerted push across all of those environments from the DISA family.

FCB: From your perspective internally, now, obviously you used to look more externally, now you’re looking more internally. Are you guys within DISA using RACE and forge.mil to address internal needs?

HS: Most assuredly. We have to embrace internally and use ourselves as the initial test bed for some of these things. I think one of the better examples — we were the test bed [for the DoD Visitor].

We put it up, we installed it onto our internal production system immediately. It is that ability to use your CAC card to login and sign in to a computer anywhere in the department. I was the one who accredited it for the department, and in my role as the DISA CIO — I also was the first one to install it on a production network. So, you’re going to see more of that activity, as well. We’re going to test and try it internally before we launch it out to the rest of the marketplace.

FCB: Has this been tested and tried so far within DISA?

HS: We actually have it up on our production network already, and we’re also seeing adoption across the department.

Hear more from Henry Sienkiewicz on Ask the CIO.

ACT-IAC’s cloud SIG needs you

2010 has already been deemed by some as the year of the cloud.

ACT-IAC is a non-profit, public-private partnership dedicated to improving government through the application of information technology.

They recently started a shared interest group (SIG) on cloud, and Habib Nasibdar is its chair.

He sat down with the Fed Cloud Blog to talk about why ACT-IAC decided to take this step.

Fed Cloud Blog: Tell us a little about this shared interest group. What are your ultimate goals?

Habib Nasibdar: The cloud computing shared interest group — SIG, as we call it — was created [in 2009] and it’s really a forum where industry partners get together with government executives in solving some of the core issues around cloud computing.

FCB How difficult was it to get people together from industry and the federal sector?

HN: It’s never easy to have people on the same page, but I guess the momentum put forward by the administration around cloud computing as part of the federal agenda [helped].

ACT-IAC’s leadership of immediate involvement to drive a dialogue around cloud computing helped tremendously.

FCB: When you have these discussions . . . are you finding that it’s harder for private industry to move forward or public, government agencies to move forward with cloud?

HN: It is actually difficult on both sides. Innovation is always driven by industry, and the government being the client, it drives and fuels that innovation.

It is difficult for government to adopt cloud, at times, because of the issues that they’re facing and trying to resolve.

I believe the dialogue is constant around some of the issues and challenges that federal agencies face in resolving those issues first, before the adoption begins.

FCB: Have you discovered anyone on [either] side who’s got a great set of best practices that everybody else might follow? Or are you still trying to figure out who that is?

HN: This whole cloud computing arena itself is so big, it would be unfair to say that anyone has any best practices, but there are certain federal agencies that have demonstrated, quite effectively, how they have adopted some of the core principles of cloud computing.

For example, you have RACE based out of DISA. They have done an exceptional job. Forge.mil is another DoD initiative. [Also] Nebula out of NASA. And, certainly, there’s Apps.gov.

So you have programs that are out there, but best practices are still in the works.

FCB: Do you see cloud computing as a whole facilitating the implementation of best practices [in other areas of government]?

HN Certainly. Cloud computing has a lot of promise.

That’s the reason there’s so much momentum behind it.

The short answer is, certainly, and again, as the discussions go on around cloud computing and federal adoption with industry innovation, I see things getting better.

FCB: Anything else you’d like to add?

HN: We, as a cloud computing SIG, are open to any industry partner who’s a member of IAC.

We have representatives from different perspectives, different functional organizations on our SIG.

What I would like to do is give a shout out to everyone . . . to participate, and help drive this dialogue further.

Find more details about how you can join here.

DISA building on what’s already been done in terms of cloud

Last week, AFCEA held its monthly luncheon in Arlington.

January’s topic was DISA 2010 and Beyond.

Anthony Montemarano is the Component Acquisition Executive at DISA and was one of the panelists.

After the lunch, Fed Cloud Blog caught up with him to chat a little bit about where DISA is going in terms of purchasing cloud services.

Fed Cloud Blog: From the acquisition perspective, is there anything that you guys are doing? Are you looking at cloud in any new ways, or is it more going down the same path?

Anthony Montemarano: You’re not going to see a cloud computing contract. Just like you see forge.mil — that’s cloud computing. Same thing with RACE. Even [the] Global Content Delivery Service. That facilitates cloud.

It’s going to be components that are forming the cloud. You’re not going to see a Web 2.0 solicitation from us. You might see social networking.

You’re not going to see anything from us [in terms of a contract], but those components may contribute to the cloud solution.

FCB: Obviously, there’s a lot of work going on. GSA with Apps.gov — the idea of IaaS, SaaS, PaaS — is that a path you guys are going down at all? Or is your focus really going to be about cloud being part of the bigger solution that meets the mission?

AM: The cloud is part of the bigger solution, but as far as those specifics, it’s going to be on a case-by-case basis. Remember what I say, and I’ll say it again — if GSA is doing it, why am I going to do it?

I will tell you as the acquisition executive at DISA, we are going to exploit what’s already been done. If they’ve done it already, let’s keep going with it.

I wish I could exploit what industry has for collaboration.

Why do I want to get something special? Well, it turns out what they have doesn’t quite make it; it has to be different.

I want to take what’s available.

I want to get out of the software writing mode. That’s no fun anymore.

Later this week — a conversation with Google Federal!