As the Defense Information Systems Agency looks to reorganize as military missions abroad wind down and the Defense Department deals with mandatory spending cuts, the focus is falling on the cloud.
Chief Information Officer David Bennett said at DISA’s forecast to industry Wednesday the agency is still feeling out how they will move forward with commercial cloud, but is ready to look at any and every option available.
“We will not rule out anything at this point in terms of how we would execute our cloud function,” Bennett said.
Bennett does say he has a team that plans to focus on Infrastructure-as-a-Service (IaaS), with emphasis on having products reach data security levels above where they currently stand.
“As we look at this cloud security model, we’re going to look to put a vehicle in place that will give us stability to host not only levels 1 and 2, which house publicly releasable information, but levels 3, 4, and 5, unclassified but sensitive information” such as personally identifiable information (PII).
Bennett said the cloud services DISA is considering differ from milCloud — a cloud services portfolio that manages DOD applications — in that some data stored on future cloud services will sit outside DOD’s “fence line.”
“I fully expect we will put things fully out in the commercial cloud, for instance, publicly released information, we’ll just put it out there and forget about it. We’ll keep it updated, but, we’re not gonna put any controls on it,” Bennett said. “But for the higher level of information, like PII or [health information], we can put that into a commercial facility, but we want to have some awareness of what’s going on with that information and extend the fence line around that enclave so we can maintain awareness.”
Bennett also sees a focus in “unified capabilities” – a suite of software that manages voice, video and other data services across a consolidated network — with DISA’s approach mirroring their cloud-based strategy.
“We have things that we want to do to gain lessons learned and then roll that into a longer term strategy,” Bennett said. “This is going to be one of those things, in my opinion, that’s going to be a significant game-changer within the agency.”
Change is already coming to unified capabilities, with Jessie Showers, vice director of network services, saying DISA is expecting to fully move from a fixed switched network to an all-IP network no later than 2016. Showers also said DISA is shutting down its legacy video solution to use a new global video service that’s expected to reach initial operational capability in November.
“We’re posturing the greater organization of DISA to be better prepared for what we see our future as,” said Army Major General Alan R. Lynn, vice director of DISA. “We are having a lot more collaborative work with the services. We have always been in the cyber business, but that business keeps increasing. We see ourselves more and more involved.”
Lynn said the reorganization is part of a changing dynamic that will allow DISA to better protect and serve the military’s own networks.
“I think the services are doing a great job of protecting their networks,” Lynn said. “What we want better capability and better visibility on is all the data feeds that they have. Let’s say they have attack vectors coming toward them, they all can see those individually. Where we would have greater impact is if we could see the total picture of the attack so we could do the large data analytics and spread the word to other services.”
Other points of focus for Bennett include:
- Joint Enterprise Licensing Agreements (JELA), which allow DISA to combine contract requirements with military branches and other agencies in order to “incentivize industry to provide best pricing.” DISA started using JELAs last year, and wants to use them particularly with the U.S. Air Force and Army moving forward. “We want to leverage JELAs at every opportunity so that we get the best price for the customers,” Bennett said.
- Consolidating more than a hundred global service desks into one virtual desk, a project that is already underway and keeping with an application rationalization directive that calls for the DOD to analyze and move applications that are not on a local service to one of eight enterprise-level data centers in the continental U.S. “It’s a contract vehicle we are looking to put in place that would be available for the services to leverage as part of their process of analysis of their application. We’re trying to help the services at-large execute their mission by providing a vehicle by which they can do some things they have to do [which are] tied to moving their applications into the data centers.”
Slides from multiple presentations during the forecast are available on DISA’s website.