In-Q-Tel invests in secure cloud app delivery

Startup's virtual desktop platform could help ease DOD shift to the cloud.

The CIA's venture arm is one of the new investors in a Silicon Valley startup that is developing a secure cloud "workspace" intended to shift legacy desktop virtualization services running in datacenters to commercial cloud platforms like Amazon Web Services (AWS) and Microsoft Azure.

Cloud platform developer Frame announced Wednesday (May 17) that In-Q-Tel joined Microsoft Ventures and Bain Capital in a $16 million funding round. Frame also has been working with the Defense Innovation Unit Experimental DIUx to "prove out" its cloud application delivery approach.

Frame's technology strategy seeks to upend traditional virtual desktop infrastructure (VDI) used to host an operating system on datacenter servers. Software companies such as VMware pioneered VDI technology, which is widely used across DOD agencies.

As the cloud transforms the delivery of applications and services to enterprises, technology incubators like In-Q-Tel are pouring venture funds into approaches like Frame's. In an interview, a Frame executive said the startup has taken lessons learned in delivering enterprise IT and applied them to U.S. agencies struggling to shift to cloud computing.

Frame's technology allows users to securely access distributed applications via a web browser running on mobile and other devices. "The ability to reduce security risks with zero-footprint virtual desktop clients, while simplifying management of desktop software, is attractive to our government partners," noted George Hoyem, managing partner for investments at In-Q-Tel.

The goal is to push software services and a "security model all the way up the stack to the desktop," added Frame's Jason Holloway.

Founded in 2012, Frame added support last year for the AWS GovCloud and Microsoft Azure Government platforms. AWS is the primary cloud provider for the CIA and other U.S. intelligence agencies. Holloway, a former Air Force communications officer who later worked for the CIA, also served the chief technology officer for C2S (Commercial Cloud Services), the U.S. intelligence agency cloud.

He also helped develop technical specifications for the Intelligence Community IT Enterprise, a program that allows for easier data sharing among intelligence agencies through common standards and cloud storage.

Frame's virtual workspace service reflects the rise of the software-as-a-service model for delivering emerging cloud-native applications that run on web browsers. Frame stresses that its virtual workspace is designed to run Windows and Linux-based applications from any device. Cloud-based support also means complex applications like data visualizations can draw on unlimited computing power available from cloud vendors such as AWS and Microsoft.

The ability to scale computing power is important for high-end workloads such as geospatial applications that tend to bog down on traditional VDI architectures. Those computing-intensive jobs could be accelerated as a cloud-native application capable of leveraging graphics processors, for example, Frame's Holloway noted.

Industry analysts also note that cloud-native applications run faster and are easier to deploy than traditional VDI technology, which brings with it administrative overhead.

In-Q-Tel and DOD agencies such as DUIx, are betting that distributed applications will run securely. The cloud-native approach to application delivery is inherently more secure, Holloway asserted, adding that in the event of cyber breach, "The blast area is much smaller."

The company's cloud-first approach also takes advantage of the ability to scale computing requirements up or down. Many companies are exploiting that feature as they adopt hybrid cloud strategies that keep sensitive data and applications in datacenters while running other computer-intensive workloads in the cloud.

A cloud-based virtual desktop approach might allow DOD users to run some unclassified workloads in isolated AWS or Microsoft clouds regions while sensitive data is kept in-house, Holloway explained.

Frame, based in San Mateo, Calif., has so far raised a total of $32 million in two funding rounds.