Stephanie Meloni

OPINION

Lessons from DOD's bumpy adoption of cloud computing

Don’t expect much speed as the federal government moves toward cloud solutions.

At a January AFCEA luncheon, Tim Rudolph, U.S. Air Force senior leader for integrated information capabilities, gave an analogy of how the military services are testing the waters with cloud adoption:

  • The  Army is in the water up to its knees.
  • The Air Force is in a car near the edge of the water with a kayak strapped to the roof.
  • The Marine Corps is wading in with a knife in its mouth.
  • And the Navy is digging its own pond.

His tongue-in-cheek comments highlighted the uneven approach the military departments are taking to cloud adoption. 

The Army is the farthest along, particularly with its move last year of both unclassified and classified email accounts to the DOD Enterprise Email service, hosted by the Defense Information Systems Agency. The Air Force more recently joined the Army in using DEE, although Air Force participation is limited to just unclassified email accounts for the time being.

The Navy and Marine Corps appear to be taking a more cautious approach to using DISA’s enterprise cloud functions, and rely to a greater extent on their own private architectures.The Navy, however, has turned to commercial cloud providers like Amazon Web Services for some of its non-sensitive functions.

Despite these measured moves, most agencies have yet to shift a substantial portion of their portfolios to the cloud. This will complicate the department’s move toward the Joint Information Environment concept, which relies on cloud technology to bring about its vision of greater shared services and interoperability.

The Navy and Marine Corps have not embraced DISA’s cloud-hosted DEE, mainly due to cost. They  have argued that their own internally developed, enterprise-wide email system is more economical and are in the process of performing a business case analysis.

Furthermore, cultural factors are also playing a role in cloud adoption. Users that migrate to the DEE have to give up their “service branch.mil” email addresses in exchange for a more generic “mail.mil.” While a small and seemingly insignificant change, this might contribute to the feeling of giving up autonomy within the services. Cloud adoption also requires compromise among engineers – there needs to be tradeoffs in vetting solutions – which certainly contributes to delays with implementation.

Another major issue impeding cloud adoption involves security of data within the cloud.

FedRamp (Federal Risk and Authorization Management Program), a rigorous certification process that forces a government-wide security standard on all cloud services, was created to alleviate security concerns. DISA has complained that the current pool of FedRAMP-authorized cloud service providers is too small and needs to grow to offer the government the best mix of services and security.

The number of certified vendors is expected to increase as the federal cloud market expands, but because certifications can take six-to-nine months to complete, it may be some time for the process to clear any backlogs. DISA will be putting its own internally developed cloud solution through the FedRamp process in solidarity with industry.

Despite these impediments to cloud adoption, the future is looking brighter.

Those who have migrated to cloud-hosted services are reporting initial success.

The Air Force has been very happy with its migration to DEE and even admitted that DISA is doing a better job internally with their email systems than the Air Force had, Essye Miller, director of information management for the Office of the Administrative Assistant to the Secretary of the Air Force, said to attendees of a February AFCEA event. Many of the details surrounding how DOD will implement cloud solutions are still fuzzy, and there are still many questions and security sensitivities that need to be addressed before the ball can truly get rolling.

The demand for cloud is there, but like all new initiatives in government, there are many barriers that serve as an impediment to the implementation process. Industry can drive progress by working with the services to identify some quick wins – that is, projects that will easily transition to a cloud environment.

Folks in industry should also work with the government to help plan out all cloud projects properly so that they can be executed efficiently (and be honest, even in cases when it might seem that the cloud may not be the best solution).

Successful cloud projects and lessons learned will inspire others in government to look at how cloud solutions might benefit their agencies, as well as see examples of how others were able to overcome roadblocks. As cost savings and efficiencies are realized over time, industry can be optimistic that the government will gain confidence in cloud, and implementation finally will begin to catch up with demand.

About the Author

Stephanie Meloni is a senior analyst with immixGroup. She can be reached at Stephanie_Meloni@immixgroup.com.

Reader Comments

Wed, Mar 26, 2014 JB OKC, OK

To the commenter who believes DEE is not a cloud service, you are confusing backend design with the NIST description of customer experience. Indeed, simply because the computing centers are physically described and located on secure installations, that does not mean anything to the end customer that can provision new user and group email accounts. It is true that new pods are added for scalability, but that is invisible to the end users for all practical purposes, other than the engineering needs of opening network traffic to new ipspace within NIPR. DISA has done a superb job of bringing on microsoft SME's and recruiting talent from across the country to support the enterprise.

Mon, Mar 10, 2014 Rich

As one commentator already pointed out: DEE is not "the cloud." What's more, it has made it next to impossible for ordinary Guard soldiers to access. The old Army "AKO" e-mail wasn't great, but at least soldiers could access it without a CAC.

Mon, Mar 3, 2014 Stephanie Meloni

The major theme of this piece was that the adoption of cloud solutions within DOD has been tepid; and I had hoped to provide some examples of where cloud had been embraced, and where opportunity remained. DOD does classify DEE as a cloud solution; it’s a solution that requires minimal management in order to provide users convenient and secure access to email from anywhere in the world. Tactical cloud implementation would certainly be an interesting topic to address (maybe next time!)- will be interesting to see how DCGS-A cloud deployment will influence how military delivers intelligence to our warfighters.

Sat, Mar 1, 2014

Commercial clouds already have tremendous security features. In many ways they are more secure than the current corporate networks that we rely on. Moving to cloud computing benefits both efficiency and security.

Fri, Feb 28, 2014

The current DISA enterprise email is not cloud computing from a technical perspective. According to their website, they use pods, basically dedicated server farms, to handle limited amounts of users per pod. In order to scale, they have to procure, provision, and manage new pods each time. See http://www.disa.mil/Services/Enterprise-Services/Applications/DoD-Enterprise-Email According to NIST's definition of cloud computing "A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service provider." http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf

Show All Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here
close
SEARCH
 Top 100 Slideshow
contracts DB

Trending

  • Dive into our Contract Award database

    In an exclusive for WT Insider members, we are collecting all of the contract awards we cover into a database that you can sort by contractor, agency, value and other parameters. You can also download it into a spreadsheet. Read More

  • Is SBA MIA on contractor fraud? Nick Wakeman

    Editor Nick Wakeman explores the puzzle of why SBA has been so silent on the latest contractor fraud scandal when it has been so quick to act in other cases. Read More

Webcasts