What Google’s New Contract Reveals About the Pentagon’s Evolving Clouds

5/13/20 A view of Grow with Google logo as seen from Chelsea office during the coronavirus pandemic on May 13, 2020 in New York City.

John Nacion/STAR MAX/AP

AA Font size + Print

5/13/20 A view of Grow with Google logo as seen from Chelsea office during the coronavirus pandemic on May 13, 2020 in New York City.

For one thing, it disproves fears that the massive JEDI contract meant one company would get all the work.

Google will build security-and app-management tools for the Pentagon’s Defense Innovation Unit, deepening the Silicon Valley giant’s military ties and illuminating the challenges facing the Defense Department’s drive to a multi-cloud environment.

Tools and a console built with the company’s Anthos application management platform will allow DIU to manage apps on either of the cloud services heavily used by the Pentagon: Microsoft Azure, which won the hotly contested JEDI cloud contract, and Amazon Web Services, or AWS, heavily used by DoD researchers, from a Google Cloud console.

Mike Daniels, vice president of government sales for Google Cloud services, said the company’s approach to security both complements and differs from those of Microsoft and AWS. Traditional “castle-and-moat” network security uses firewalls and virtual private networks to keep attackers on the other side of some sort of digital barrier. The higher security certification, the deeper and wider that moat. It works well enough in a single-cloud environment but less well in one with applications running in multiple clouds. It can also present problems when you’re dealing with an “extended workforce”: a bunch of people working from home or different locations.

Google’s approach is based on fewer borders, perimeters, and moats, Daniels explained. “It looks at critical access control based on information about a specific device, its current state, its facilitated user, and their context. So it considers internal and external networks to be untrusted,” he said. “We’re dynamically asserting and enforcing levels of access at the application layer, not at the moat or perimeter. What does that do? That allows employees in the extended workforce to access web apps from virtually any device anywhere without a traditional remote-access [virtual private network].”

Wednesday’s announcement reveals a couple of things:

First, it shows that the Pentagon is moving away from its older multi-cloud environment, a kluge of little clouds mostly from longtime defense contractors. When the JEDI program was announced, a lot of those vendors howled that a single massive cloud contract would leave DoD overly reliant on one company. The Pentagon countered that while JEDI was its biggest cloud contract to date, it would not be the last. What DoD did not say—but what some vendors should have anticipated—is that Azure and AWS will be picking up more and more of that business. Case in point: the Air Force’s Cloud One, a key node in their Advanced Battle Management System concept, is a hybrid AWS-Azure cloud. “Multi-cloud environment” for DoD increasingly means AWS and Azure. Future software should be compatible with both. 

Second, it shows that Google is overcoming its employees’ resistance to defense contracting. In 2017, newly appointed Defense Secretary Jim Mattis made Google one of the main stops on his tech tour. His favorable impression of the company’s pioneering cloud-based approach to AI shaped the JEDI competition and helped give rise to Project Maven, a program to apply AI to intelligence, surveillance, and reconnaissance. But an employee protest led Google to end its work with Maven.

Since then, Google has put in place a list of ethical guidelines, which, it says, should enable the company to work with the Defense Department in a way that doesn’t violate what it sees as its core values. It’s working with the Joint Artificial Intelligence Center on projects related to healthcare and business automation and far-reaching research initiatives in AI safety and the post-Moore’s Law computing environment. Meredith Whittaker, the Google employee who led the protests, left the company last year.

Last April, Kent Walker, the company’s senior vice president for global affairs, described the perception that the company was opposed to doing national security work, as “frustrating.” 

Government cloud contracts have become a lot more important to Google’s business model than they were a few years ago. Google has tripled its investment in the public sector space, said Daniels. While this individual contract award is in the seven figures range, Daniels sees it as a possible pathfinder for future work with more of the Defense Department, enabled by DIU. “Frankly, the U.S. DoD is important to us, both domestically as well as globally. We are a global public sector business. To the extent that the U.S. Department of Defense is doing work with us, I do think that is an indicator for us globally as to the confidence that governments around the world can put into Google as a business partner.” 

Close [ x ] More from DefenseOne