DOD’s IT strategy implementation critical to tactical operations

It’s been seven months since the Defense Department released its IT enterprise strategy and roadmap, and now the department is working on implementing the priorities the plan outlined, including identity access management and keeping deployed troops linked to the network regardless of location.

At the FOSE conference in Washington April 4, deputy DOD CIO Rob Carey offered an update on the strategy’s execution, including the plan’s impact on service members serving abroad, and stressed its importance in both cyber and physical combat.

“There’s a team right now working on the schedule, the costs and the actual [plans] of what’s happening when, which will be presented to DOD leadership in the coming months,” Carey said. “This is a real thing; it’s actually happening now. As you can imagine, it’s taken awhile to get to this part, but we’re turning the corner.”

Many of the roadmap’s provisions are designed to bolster DOD’s networks in cyberspace, and those efforts are already under way in the form of infrastructure consolidation and the institution of a joint information environment.

Those provisions are both stand-alone measures – data center consolidation, a joint environment that connects troops scattered across the globe, and improved security controls that closely monitor and define network access – as well as pillars that depend on each other in supporting a shared way ahead for defense IT.

To achieve the joint environment, DOD is currently working to define the connections between deployed troops and the network.

“What’s the communications path from the soldier to the internet and back, or the sailor, or the airman or Marine? It’s amazing work to have that done, because you can see what systems are riding on that transport path and what missions are they accomplishing,” Carey said.

Identity management is the next big step in DOD enterprise IT, Carey stressed, echoing scores of DOD leaders who in recent months have been calling for tighter control and monitoring of who accesses what information, where on the network, and when.

“We’ve had common access cards for 12 years. We do cryptographic log-on to the network and then allow ourselves to access a lot of websites cryptographically. The next step is applications and data, and linking my attributes into certain things that I’m allowed to see, and stopping me from seeing things I’m not allowed to see if I try to go there,” Carey said.

He added that public key infrastructure is currently being rolled out on the classified SIPRNet.

“That helps us reduce anonymity on the network,” he said.

Overall, a prime driver behind the efforts is a focus on deployed troops’ ability to access critical information anytime, anywhere.

“Affording this secure access to the warfighter is really important to us,” Carey said. “The warfighter’s got to trust what shows up on the screen in front of him, because if we count on doing an operational maneuver with troops in harm’s way, we have to be able to trust that information is correct. This is a force multiplier for us.”