Military ponders private cloud services

The Defense Department's cautious approach to a private cloud seeks to maximize deployment, security and cost advantages.

It’s easy to see why a large and diverse organization such as the military is drawn to cloud computing: The technology allows large amounts of data to be sent and stored just about anywhere — even divided among locations worldwide. 

Although almost effortless data dispersion helps give cloud computing a sharp cost and performance edge, the downside is that critical information can land in storage systems that lack adequate security, privacy and other important safeguards.

Related coverage:

Army does forward march again on enterprise e-mail

To provide maximum protection, many military IT leaders prefer to rely on a secure internal cloud environment, leaving both public and nonmilitary private cloud networks to consumers and business users. Yet a once firm stance against private cloud contractors is gradually softening as such providers begin deploying stronger security measures and assurances. In testimony given in April at a hearing of the House Armed Services Committee's Emerging Threats and Capabilities Subcommittee, Teri Takai, the Defense Department’s CIO, said the department could decide to use public cloud services offered by companies such as Google and Microsoft, though she provided no time frame.

In the meantime, facing a shortage of internal cloud expertise, in addition to budget constraints and a desire to move into the cloud as quickly as practically possible, military IT leaders are turning to private service providers to fill existing gaps and guide their organizations.

For example, Microsoft is already involved in a pair of military cloud projects. The software giant is collaborating with the Army to migrate some 1.4 million e-mail inboxes to a cloud-based platform based on Microsoft technology and under the Defense Information Systems Agency's management during the implementation. Microsoft is also working with DISA to move an existing SharePoint collaboration platform into the agency’s cloud environment.

While DISA and Microsoft continue to work together closely on cloud projects, Susie Adams, CTO at Microsoft Federal Government Software and Solutions, said her company is limited to providing expertise in a DISA-operated data center environment. “Our role really is mostly advisory,” she said. “We’re making sure that the technology is accurate and that they’re doing this the right way.”

Adams is hoping that this situation will soon change. She noted that Microsoft, like other private cloud providers, has made significant strides to ensure that military data center resources are secure and isolated from other customers. She described Microsoft’s most secure data center offering: “[The systems are] all physically separated from other users — there’s a cage and there’s a direct network connection to it,” she said. “It’s still at a Microsoft data center — Microsoft employees and Microsoft owned — but they have a dedicated network, and nobody shares that infrastructure.”

Private contractors are also playing a role in military cloud migration by helping military organizations discover promising new technologies and best practices. Terry Halvorsen, the Navy’s CIO, said he was recently at a meeting in which John Chambers, Cisco Systems' chairman and CEO, described the steps his company is taking to include cloud performance and efficiency. “Cisco is working on the ability to move data through routers and switches faster,” Halvorsen said. “All of that is going to help us to continue to get better at this.”

Meanwhile, Adams said military IT leaders still haven’t fully committed themselves to turning complete deployments to private cloud providers, even when contractors have been fully vetted for procedural and security risks. She said the military seems to swing back and forth between favoring internal and external cloud approaches. “It’s not a technical risk perspective; it’s more of a procedural perspective in their minds,” Adams said.