10 Things You Should Know About The DoD Cloud Strategy

The Warfighter's Cloud

The United States military is embarking on an ambitious and expensive cloud transformation project to modernize IT resources across all the Pentagon's departments and branches of the armed services.

One component, the JEDI initiative, has created a firestorm of controversy in Silicon Valley, including criticism from an industry trade group, protests to the GAO, and a lawsuit by Oracle against the federal government.

But the DoD's Cloud Strategy is much broader than JEDI. The Pentagon presented to Congress this week an unclassified document making the case for why it needs the help of enterprise cloud providers to empower troops in the field and military intelligence professionals.

"The DoD Cloud Strategy reasserts our commitment to cloud and the need to view cloud initiatives from an enterprise perspective for more effective adoption," a foreword to the document, written by Acting Defense Secretary Patrick Shanahan, reads.

"The Department of Defense (DoD) has entered the modern age of warfighting where the battlefield exists as much in the digital world as it does in the physical," Shanahan says.

"Cloud is a fundamental component of the global infrastructure that will empower the warfighter with data and is critical to maintaining our military' s technological advantage."

Here are 10 things you should know about the DoD’s cloud strategy.

Return Of The JEDI

The Joint Enterprise Defense Initiative that's generated headlines for much of the last year is an important component of the military's cloud strategy, but not the entirety of it.

The Cloud Strategy document makes a distinction between the DoD's need for a "General Purpose" cloud, and ones that will be "Fit For Purpose".

But the General Purpose cloud, provided by the winner of the JEDI sweepstakes, will be the cloud of first-choice, with a "primary implementation bias" for all defense agencies.

"Only when mission needs cannot be supported by General Purpose will Fit For Purpose alternatives be explored," the document reads.

"Mission owners" that want to stray from the cloud provider selected through the JEDI initiative will have to submit an "Exception Brief" to the DoD's CIO explaining why they believe the capability they require cannot be met by the General Purpose cloud.

Multi-Cloud Posture

The most-controversial aspect of the JEDI cloud initiative has been the winner-take-all nature of the potentially $10 billion contract.

While the cloud computing contractor selected through JEDI will provide the military's go-to cloud infrastructure, the "Fit-for-Purpose Program" will enable individual agencies to select from multiple vendors that meet their needs.

For that reason, the Pentagon views itself as adopting an overall multi-cloud posture.

"The Department must address the unique mission requirements through a multi-cloud, multi-vendor strategy that incorporates a General Purpose cloud and Fit For Purpose clouds," the report says.

Those resources will also be complemented by cloud software purchased from other vendors.

"DoD seeks to maximize competition, not only when awarding the pathfinder General Purpose cloud, but also by ensuring access to a variety of Software as a Service (SaaS) capabilities that are complementary to the General Purpose and Fit For Purpose clouds," the report says.

Email, chat and collaboration services are a good example of the SaaS options.

Hybrid Posture

The DoD is looking to divest from its legacy information systems, which currently involve sprawling on-premises infrastructure.

But the military's sweeping cloud strategy will maintain on-premises infrastructure, creating a hybrid environment.

"It should be recognized that the Department will still need non-cloud data center capability for applications that are not suited for the cloud."

At the same time, the military recognizes that maintaining legacy infrastructure is a business it wants to move away from.

"Over time, with the adoption of an enduring enterprise cloud strategy, the non-cloud environment should become smaller," the report says.

AI Readiness

The military is actively deploying artificial intelligence to support its administrative and battlefield operations and sees cloud as a tremendous enabler of that project, the report makes clear.

"Technologies such as AI and ML have the potential to fundamentally change the character of war," it says.

To that end, the Defense Department is preparing to launch its Joint Artificial Intelligence Center (JAIC)—a project requiring enterprise-grade cloud infrastructure.

"An enterprise cloud will provide the common data and infrastructure platforms that will enable Al to meet the full promise of warfighter advantage," the report says.

Military leaders see a vital interest in empowering their decision-makers with modern data analytics, including artificial intelligence and machine learning. Those capabilities should be available "at the speed of relevance to make time-critical decisions rapidly in the field to support lethality and enhanced operational efficiency."

Currently, critical infrastructure that military AI solutions for managing data are being built on top of are "disparate and disjointed."

Security

With a military cloud, security is the paramount concern.

Pentagon brass view public cloud as an advantage in securing military data and systems, and the DoD cloud strategy was crafted to align with its larger cyber strategy.

"DoD must embrace modern security mechanisms built into modern commercial cloud providers' platforms to ensure the security of these large amounts of data and to safeguard the information," the report says.

The Pentagon's current infrastructure poses a security liability. The report discloses that the DoD has found it a challenge to keep up with cyber-related threats.

"By owning and operating the physical hardware associated with on-premises data centers, the Department can incur unnecessary security risks and consume resources that could otherwise be realigned to support warfighters and the workforce in other mission areas," the report says.

Overly strict policies and procurement procedures make it difficult for the DoD's IT professionals to ensure hardware and software are updated appropriately.

Public cloud vendors looking to win the lucrative contracts will be scrutinized over their security capabilities.

"DoD should independently test and assess cloud network security to verify security compliance and incident response, and review all contractor and third-party testing results to ensure that performance and security monitoring are sufficient."

Military leaders want to shift the cyber-security focus from guarding the perimeters of networks to actively controlling access to data. The modern encryption algorithms and key management systems built into commercial cloud services, and proper tagging of data, will achieve that.

Costs

The military is constrained by budgets. Pentagon leaders see cloud delivering economic benefits, as many private enterprises have come to appreciate.

"The cloud pay-for-use model will provide the flexibility to optimize costs across the IT portfolio and allow DoD to adapt to changing priorities, budgetary conditions, and industry developments," the report says.

Existing systems that are not "cloud ready" often use "excessive amounts of cloud infrastructure resources", making them less efficient and therefore more expensive to operate.

The military also recognizes, as many enterprises have come to discover, predicting cloud costs is difficult.

To achieve cost transparency, the military will need to implement "strong governance" to monitor how applications are developed and data is transmitted and stored.

"As we develop these standards, implement them, and subsequently learn and better align our services and data to an enterprise solution, we can look to automated tools and techniques to better inform accurate tracking of financial execution of cloud resources."

The Battlefield's Edge

The DoD cloud environment needs to support military operations from the battlefield to the home front.

"We must embrace computing solutions that enable warfighters in their environment versus forcing them to conform to the current environment of siloed data and legacy applications," the report says.

A requirement for the DoD cloud is integration and operation of computing solutions that are straightforward and repeatable across classification levels.

"This will allow warfighters to make data driven decisions and enhance DoD ability to share data with allies and operate as a coalition force," the report says.

The report notes that the technology industry has made large strides in running disconnected operations.

"The Department's General Purpose and Fit For Purpose clouds will capitalize on these efforts to provide the warfighter with the latest technology where they need it and when they need it regardless of the environment."

The "rugged and adaptable" devices used by combatants in the field must be able to automatically synchronize with the cloud when communications are sufficient or reestablished.

"Auto synchronization of information will ensure warfighters are retaining data, feeding it back into models, and fighting with the most recent algorithms. Doing this in a secure environment will be a force multiplier and directly support the primary goal of the cloud environment: information superiority."

Failover

The ability of military IT systems to safely failover in times of crisis, ensuring continuity of operations, is a big demand of the military. And the "distributed, redundant nature of cloud computing" will go far in solving that problem.

"Our commercial cloud solutions will use advances in technology to automate failover, solving a major deficiency throughout the Department," the report says.

The military plans to take advantage of the multi-region and multi-availability zone architecture of a hyper-scale provider, paired with deployment of secure Cloud Access Points.

DoD cloud architectures will allow workloads to shift across a single cloud provider's availability zones or regions nearly instantaneously upon detection of the failure of a primary data center.

"This will be vital in the case of human-made or natural destruction of a large geographic area."

But to fully achieve that capability, the military recognizes applications will need to be re-architected for the cloud.

Once they are, the DoD can cease its current practice of maintaining multiple instances of the same data across cloud providers or on-premises data centers, "which does not provide the same level of failover as that provided by commercial cloud."

Implementation And Migration

Selecting vendors is only the first step in a cloud initiative.

The military understands the extent of implementation and migration work that follows, and it will look to the channel to help meet those needs.

An implementation plan attached to the document for the JEDI cloud component that will serve the majority of the military's systems and applications makes clear: "an industry partner will be required."

DoD sees two fundamental tasks: standing up the cloud platform and ongoing work in migrating applications and data.

"The complexity of this endeavor and the Department's lack of large-scale, enterprise, commercial cloud experience means that this partnership is critical to the successful standup of the enterprise General Purpose cloud," the report says.

Cloud providers and implementation partners will be evaluated by their ability to meet four major tenets: IaaS and PaaS, separate environments at all classification levels, centralized and tactical edge computing, enablement of AI and other emerging technologies.

Technical Debt

The DoD's cloud strategy document makes clear that over many years, the military has adopted a complex, sprawling patchwork of IT systems that has bogged it down with massive technical debt.

"Today, the DoD information environment is made up of multiple disjointed and stove-piped systems distributed across modern and legacy infrastructure around the globe," the report says. "DoD has stood up a number of clouds that have not been architected or designed for enterprise use."

The amount of data flowing through those outdated systems is growing exponentially. That has caused many problems impacting warfighters, decision-makers, and DoD staff's ability to take advantage of critical information in a timely manner.

The selection of an enterprise cloud provider will allow DoD to "further consolidate its sprawling data center assets."

"DoD has not had clear guidance on cloud computing, adoption, and migration to provide unifying guidance or a coherent plan. This has made it difficult for the Department to embrace modern IT capabilities, to benefit from the efficiency and capacity offered by commercial cloud services, and to continue to evolve with technology at the speed of relevance."

The lack of guidance has led to "disparate efforts with siloed teams, disjointed implementations with limited capability, siloed data, and inefficient acquisitions that cannot take advantage of economies of scale."