Is security the real problem for an intelligence community cloud?
Like the rest of the federal government, the intelligence community [IC] is looking for ways to save money and eyeing the cloud environment as one possible way. Unlike counterparts in other agencies, intelligence organizations are inherently secretive with essentially peerless security requirements. So how will it move to the cloud?
A successful approach will hinge on collaborative partnership, common solutions and effective policies, according to a panel of intelligence officials who spoke March 23 at an AFCEA briefing in Arlington, Va.
“The Defense Department can’t succeed without the IC, and the IC depends on the department for capabilities,” said Neill Tipton, director of information sharing and partner engagement in the office of the Deputy Under Secretary of Defense for Joint and Coalition Warfighter Support. “Technology is the enabler, but it’s about policies that make data available to people where ever they are.”
Tipton said three key factors driving the intelligence community’s move to the cloud include efficiencies mandates being implemented across DOD, department-wide changes in IT like consolidation and the changing needs of current and future mission networks.
But contrary to popular belief, security may not be the biggest problem.
“What difference does the cloud make? It turns out that there are some things that are far more secure…there are a few things that are far less secure. By and large, most security issues are unchanged simply because we changed the technology. We have the same issues, by and large, that we already had,” said Hank Beebe, intelligence community CIO in the Office of the Director of National Intelligence. “The more interesting part is having to deal with things like certification and accreditation, achieving reciprocity [and] moving against the insider threat.”
In fact, those are just a few concerns on a laundry list of challenges outlined by the panelists.
Jack Gumtow, CIO of the Office of Naval Intelligence, said scalability and access to data across DOD and the IC continues to be a problem, as does governance.
Other issues include overcoming a traditionally exclusive approach to problem-solving and the sheer volume of solutions necessary to achieve all the goals of moving to the cloud, Beebe added.
“We’re not going to get [50 percent savings] with cloud. It’s going to be an aggregation of lots of technologies, one of which is the cloud,” Beebe said. “The good news is everyone agrees we need to solve [these] problems. DOD and the IC recognize that this needs to be worked together, not separately. I don’t know there will ever be a common solution, but we need to at least be able to mediate between solutions.”
Some of those solutions are already in play.
Lynn Schnurr, Army Intelligence CIO for the Deputy Chief of Staff, G-2 and director of intelligence in the community information management directorate, highlighted progress in the Army’s distributed common ground system (DCGS) and Land ISR Net, both intelligence networks supporting deployed soldiers that rely on cloud capabilities.
The Air Force also is making progress in its own version of DCGS, which is turning wing operations into data storage sites that can process information and distribute to the field, according to Robert Marlin, Air Force technical adviser for intelligence, surveillance and reconnaissance capabilities and integration.
DCGS is one example of joint DOD/IC use of cloud capabilities, and it’s representative of the new approach, the panelists indicated.
“We know it’s not affordable for us to continue to try to implement architectures of the past. But we all have to continue to work together to find solutions, and that’s the key part. How do we get a common platform? How do we get away from the ‘boxes-R-us’ solutions…and to a common architecture that is more affordable and implementable?” Schnurr said.