Who will win as DOD cloud choices grow?

Defense agencies face a choice with the cloud: Go with the Defense Information Systems Agency’s milCloud 2.0 option, or source their own cloud from a commercial cloud service provider.

While either option is permissible under the Defense Department regulations, DISA is hoping more agencies will go with the former. Most of DISA’s budget comes from fees paid by the rest of DOD, via a working capital fund, for any IT and network services DISA provides to the rest of the department.

But there are compelling reasons for agencies to make either cloud choice. MilCloud serves as a front end for multiple cloud offerings - this should allow DLA extra flexibility in regards to their cloud environment. This can be an attractive option especially for agencies too small to purchase their own cloud offerings. The milCloud offering is more of a “plug and play” approach to the cloud than if the agency were to source its own cloud.

For agencies considering their own cloud, as opposed to milCloud 2.0, there are also some advantages. In many cases, agencies can negotiate better pricing, as opposed to paying DISA. They can get access to more specific cloud offerings, such as AWS Secret. And they have control over the management of the cloud and its vendors when making their own purchase, rather than going through DISA.

The DOD recently released a draft RFP for the JEDI Cloud, which will serve as another alternative option to MilCloud 2.0 in an effort to cut down on individual agencies procuring their own cloud services. There are more than 300 independent cloud initiatives ongoing throughout the DOD. Led by the Defense Digital Service, the JEDI Cloud is intended to be complementary to MilCloud 2.0 – whereas MilCloud 2.0 offers an on-premises access to commercial cloud offerings, the JEDI Cloud will not seek to employ an on-premises model. The JEDI Cloud program management team wants the offering to be inclusive of multiple cloud services, just like MilCloud 2.0.

Either way, agencies need to make a decision before long. Because of recent examples of adversaries exploiting vulnerabilities in a network through any element that touches it (for example, HVAC), DOD wants to be able to look across the entire supply chain to ensure that appropriate cyber protections are being used. That means a cyber threat-sharing platform, which will include a machine-to-machine threat indicator platform for data management, storage, systems engineering and dashboard management.

MilCloud 2.0 allows DOD customers to run their infrastructure from a commercial cloud environment. One of its leading DOD customers is the Defense Logistics Agency, which is using the offering at Maxwell Air Force Base and Tinker Air Force Base. MilCloud serves as a front end for AWS, Azure, Oracle, Salesforce, Service Now, SAP, Cisco and other cloud environments. This should allow DLA to employ more cloud environments than AWS alone.

At the infrastructure as a service level, DLA is leveraging Azure, IBM’s CMS-G and AWS already at FEDRAMP levels of 2, 4, and 5. So they’re already showing a willingness to use several different cloud service providers, rather than just AWS. Given some recent concerns that AWS may be gaining a monopoly in the government sector, it’s refreshing to see some different vendors getting some play at DLA.

On the other side of the cloud equation, let’s look at what’s going on with an agency that has chosen to go its own way: The U.S. Transportation Command (TRANSCOM).

TRANSCOM has been making a few waves lately by issuing a sole-source procurement for AWS Secret in December. AWS has been working on standing up their SECRET environment in response to DOD’s demand for a specifically SECRET instance, and TRANSCOM feels it’s their ideal solution.

The agency is getting a bit entrenched with AWS. They issued an unusual contract through DIUx, a small $2.4M other transactional agreement to REAN Cloud, a Herndon, Virginia-based company, for a pilot cloud migration of its logistical apps to the AWS SECRET environment. We’ll soon see TRANSCOM’s entire application portfolio making its way to AWS Secret. TRANSCOM is pursuing cloud more aggressively than other agencies in the DOD. They’re pushing to embrace the cloud, but unlike DLA, they are focusing more on AWS as their platform rather than a more agnostic approach.

Each DOD agency faces the cloud question: Do you want the flexibility of using a variety of cloud alternatives, or do you want the control you get from a sole source? The right path depends on how each agency is now using the cloud, and how it plans to expand that use in the future. As these two agencies show, both approaches have their merits. The rest is up to you.