Government in the Cloud
In November 2010, OMB announced the US Federal Government’s first Cloud First policy.
Jeff Zients, CIO of OMB at the time, said this:
“What this means is that going forward, when evaluating options for new IT deployments, OMB will require that agencies default to cloud-based solutions whenever a secure, reliable, cost-effective cloud option exists,”
President Trump’s Executive Order 13800, further directs agency heads to show preference in procurement for shared services, with a focus on cloud services. OMB shortly after published the “Cloud Smart” proposal which has sought to open mature commercial cloud services to federal customers by eliminating rules which stifled these initiatives.
Both the DoD and IC have invested heavily in making these cloud strategies a reality by leveraging the government’s bulk purchasing power in the JEDI and C2S contracts.
Joint Enterprise Defense Infrastructure
The force is strong with Microsoft after winning the heavily contested JEDI contract on October 25th, 2019. The 10-year, $10 billion dollar deal is the biggest information technology procurement in government history. Amazon Web Services was widely considered the front runner for the award, making the decision a disputed one. The contract process continues to be under review by the DoD’s inspector general and is currently stuck in federal court. Experts inside DoD remain confident that the project will move forward as planned.
The major focus of the initiative is to modernize the country’s warfighting operations. Microsoft is tasked with overhauling DoD’s entire IT infrastructure, creating a world-wide responsive network. The first step in the project is centralizing everything on one cloud. In the words of DoD’s Acquisition Chief Ellen Lorde, “We are, no kidding, right now writing the contract to get everything moved to one cloud to begin with and then go from there.”
Military officers have stood their ground that JEDI is needed to give DoD IT systems a much needed advantage. By driving speed to implement new systems, disaster recovery technology, and ease of provisioning systems, DoD hopes gain the upper hand through cloud infrastructure.
“The National Defense Strategy dictates that we must improve the speed and effectiveness with which we develop and deploy modernized technical capabilities to our women and men in uniform,” the Department of Defense CIO Dana Deasy noted. “The DoD Digital Modernization Strategy was created to support this imperative. This award is an important step in execution of the Digital Modernization Strategy.”
C2S (Commercial Cloud Services)
In August of 2014, CIA awarded a $600 million dollar contract to Amazon Web Services for 10 years of work. AWS assisted the organization in building a private cloud computing setting within the secure firewalls of the intelligence environment. The demands of the project were that it promoted greater integration, information sharing, and information safeguarding through a common IT approach that substantially reduced costs. The long-term goal was to keep up with emerging technologies like big data in ways not previously possible.
The contract exceeded expectations and is widely considered by CIA as a success, having a material impact on both CIA and the IC at large with the potential to benefit other departments as well.
According to John Edwards, CIO of CIA, “It used to take CIA 180 days to provision a single server. We got that down to 60 days, and thought, ‘we’re doing pretty good.’ Now through AWS and C2S, we’re down to minutes. That’s amazing.”
C2E (Commercial Cloud Enterprise)
The 2014 Commercial Cloud Service contract worked so well that CIA is now hungry for more. As of February 2020, the contract is a pending acquisition worth potentially tens of billions of dollars. There is no word yet on a future deadline, but a decision could be made as early as September 2020. The intelligence community needs to adopt a multi-cloud ecosystem with different levels of classifications based on content. The goal of this acquisition will be to use different CSP’s unique specializations in technology, cyber security strategy, and services.
The statement of work notes that “The IC requires an integrated, interoperable cloud ecosystem that promotes mission success through reliable, available, dynamic, and innovative information technology services with secure access to functions, capabilities, and data anywhere, anytime, and under all conditions. Based on the IC strategic plan, the IC will leverage Government and multiple commercial cloud capabilities that are interoperable and support workflows within and across multiple security fabrics. The goal is to maximize rapid reuse of data and sharing of data in mission systems to support these capabilities.”
