Where DOD’s telework goes from here
The Department of Defense took all of a handful of weeks to get millions of workers on a virtual environment that allowed them to take the meetings and PowerPoint presentations typically hosted in conference rooms and conduct them in their homes. Called Commercial Virtual Remote, it was one of the largest technology lifts the massive enterprise had ever undertaken — and it was just the start.
The DOD is in the closing months of an even bigger lift, what it calls its “enduring” telework solution. But even calling it just a “telework” solution is underselling its scale. It’s a whole suite of systems, from Microsoft’s OneDrive to Excel, that the DOD says once fully rolled out will allow those working from the Pentagon and at home to access a full desktop of services.
It’s the type of work-from-anywhere solution long wanted in the government but that has been difficult to achieve due to security concerns.
“This is darn impressive when you look at where we started,” John Sherman, acting chief information officer of the DOD, told FedScoop in an interview.
Where DOD started was, in the words of one former high-ranking official, “disconcertingly retrograde.” Work collaboration tools that could be accessed outside of the Pentagon and physically off of its internal internet, the NIPERnet, were hard to come by.
The new “enduring” solution, coming mid-June, has been dubbed “DOD365.” Users can expect all the collaboration tools CVR provided, and then some, with added security layers the Pentagon is implementing on the systems.
“Our enduring capability is going to be with us for a long time,” Sherman said.
While DOD is billing its new solution as an expansion away from CVR, some functionality for users will be lost. Currently, CVR allows for any devices — be they personal laptops, cellphones or tablets — to log into the network and access low-security collaboration tools. Come summer non-government-provided cell phones and tablets will not be granted access, and personal computers will need a Common Access Card reader to add another layer of security.
“DOD 365 is not a replacement for CVR,” Sherman said. Instead, it has been a “parallel” effort that targets similar problems with more robust solutions.
Another difference is the backend configuration for the cloud systems that will support the suite of applications. Whereas the CVR was stood up so fast that DOD’s cloud management office had to work literally around the clock to support the launch, DOD 365 is being supported by a multi-tenant cloud system.
The first steps were taken with the 2019 award of the $10 billion Defense Enterprise Office Solutions contract, the DOD’s back-office IT award, not to be confused with the department’s other $10 billion contract for a tactical “war cloud” called the Joint Enterprise Defense Infrastructure (JEDI).
The “federated” approach in allowing agencies and services to stand up their own cloud tenants should ensure that members of the Cloud Computing Program Office don’t need to stop showering and sleeping to ensure the DOD can keep working, as they did during the CVR rollout.
“They are the heroes of the CVR,” Sherman said of the cloud office. “CVR was very centrally managed in [the office of the] CIO.”
Many tenants, but one focus on cybersecurity
Behind the scenes, IT and cybersecurity professionals are working across the department to implement the multi-tenant cloud architecture with advanced security measures approved by the Office of the CIO and Gen. Paul Nakasone, head of the National Security Agency and U.S. Cyber Command. The list of agencies working on the system is almost as long as those who will eventually use it, with a series of working groups and task forces assigned different aspects of the rollout.
There are “a lot of moving parts to this,” Sherman said.
Each of the services will have their own tenancy and the Defense Information Systems Agency (DISA) will support one for the Fourth Estate, the constellation of support agencies.
“This really is a super team sport,” Sherman said.
Not all of those moving parts will be in place by mid-June, but the majority of users are expected to be migrated over by then. And if vaccine distribution continues at pace, the Pentagon is expecting the demand on CVR to go down as more people can safely return to work.
As the program continues development, Sherman said his office’s most critical focus is ensuring the security of the system and its data. With so much of DOD’s work soon to be done on the system, it will be a ripe target for adversaries. Sherman is working to thwart ongoing threats with the added security layers beyond the usual systems.
“By goodness do we need to do this safely,” he said, in his Texas twang.
Part of that safety will come down to users and communicating effectively on what can and can’t be done on the system. It’s a tall order to convey to a force deployed around the world, but one Sherman said his office will be focused on for the next several months.
“This is one of the biggest lifts I have ever done,” he said.
This story is part of a FedScoop special report on the Future of Telework. Read the rest of the report.
This story was featured in FedScoop Special Report: The Future of Telework - A FedScoop Special Report