The Department of Defense published an unclassified version of its long-awaited cloud strategy Monday afternoon, which features an enterprise cloud environment that includes “general-purpose” and “fit-for-purpose” cloud infrastructures achieved through multiple vendors, and identifies seven strategic objectives for the effort.
The Pentagon emphasized the importance of the effort by saying it has “entered the modern age of warfighting where the battlefield exists as much in the digital world as it does in the physical.”
“Data and our ability to process data at the ready are differentiators to ensure mission success. Cloud is a fundamental component of the global infrastructure that will empower the warfighter with data and is critical to maintaining our military’ s technological advantage,” DoD said.
The strategy “reasserts our commitment to cloud and the need to view cloud initiatives from an enterprise perspective for more effective adoption,” DoD said. “It recognizes our experience over the past five years and identifies seven strategic objectives along with guiding principles to set a path forward. It emphasizes mission and tactical edge needs along with the requirement to prepare for artificial intelligence while accounting for protection and efficiencies.”
Implementation of the strategy, DoD said, will focus on two types of work: “first is the stand up of cloud platforms ready to receive data and applications, and second is the ongoing work to migrate existing applications and to develop new applications in the cloud.”
The seven strategic objectives that the cloud strategy aims to achieve are:
Enabling “exponential growth” in data use – which DoD said it has not kept pace with as data growth has exploded in recent years. “To adapt to the continuously growing data environment, DoD requires an extensible and secure cloud environment that spans the homeland to the global tactical edge, as well as the ability to rapidly access computing and storage capacity to address warfighting challenges at the speed of relevance,” the agency said, adding that the capabilities that cloud services bring “must be ubiquitous and available to all Department decision makers, warfighters, and staff.”
Providing “scale for the episodic nature of the DoD mission,” which the agency said can be achieved by “fully embracing the dynamic elasticity of commercial cloud architecture.” DoD said “this efficiency will also eventually improve the government’s budgeting, billing, and payment practices by providing detailed resource usage reports for all mission owners. This transparency will further drive more efficiencies in the future on how applications are built.” It continued, “Additionally, the cloud pay-for-use model will provide the flexibility to optimize costs across the IT portfolio and allow DoD to adapt to changing priorities, budgetary conditions, and industry developments.”
Better addressing cybersecurity challenges by creating a “standard cloud-based cyber architecture that addresses the needs of commercial and internal-based clouds and encompasses infrastructure, applications, and data,” DoD said. “This must include the ability to keep the environment “evergreen” in terms of security and technology. DoD will produce a unified cybersecurity architecture that addresses cloud and the needs of classified and unclassified missions and data. The capabilities will be tested and assessed independently and frequently to ensure that cybersecurity attributes remain effective against developing threats,” it said. Central to the mission to improve security will be a shift away from perimeter defense, and toward securing data and services.
Enabling artificial intelligence (AI), machine learning, and data transparency through better data management practices, use of data lakes and data hubs, which DoD said are “accelerated and amplified” by cloud technology. “Commercial cloud provides the ability to scale and secure both the collection and the analysis of data stored in an enterprise DoD cloud. This gives mission owners the capability to make decisions with the most relevant information,” the agency noted. It continued, “The distributed nature of cloud computing allows for a more flexible execution environment while simultaneously providing increased information security. This allows for scaling and distributing data repository stores while maintaining security posture and providing new opportunities to obtain mission insights through data collaboration. Similarly, the computing power required for analysis of massive amounts of data can be scaled seamlessly in seconds. This ability to scale will ensure that mission execution is not hindered by insufficient computing and storage capacity and enable the creation of new information models that were previously unachievable.”
Extending tactical support for warfighters are the network edge, with the DoD cloud environment serving “mission owners in every environment, across the range of military operations, from the tactical edge to the home front … and at all classification levels and disseminations,” the agency said. It continued, “Industry has made huge strides in disconnected operations. The Department’s General Purpose and Fit For Purpose clouds will capitalize on these efforts to provide the warfighter with the latest technology where they need it and when they need it regardless of the environment. Cloud devices employed by warfighters at the tactical edge will be ruggedized and adaptable, providing for automatic synchronization to the greater cloud once communication is sufficient or reestablished. While certain DoD programs are not immediately amenable to migration to the cloud, some of these systems may ultimately be bridged to the cloud, while others may be addressed through separate non-cloud solutions. But overall, this auto synchronization of information will ensure warfighters are retaining data, feeding it back into models, and fighting with the most recent algorithms. Doing this in a secure environment will be a force multiplier and directly support the primary goal of the cloud environment: information superiority.”
Taking advantage of cloud resiliency in order to achieve “continuity of operations and efficient failover in times of crisis an operational disruption,” DoD said. “Cloud computing is a key component in overcoming these challenges and ensuring comprehensive mission execution, due to its distributed, scalable, and redundant nature. Executing this cloud strategy will incorporate standard approaches to leveraging cloud for this mission resiliency. The enterprise cloud will offer support for failover in times of infrastructure degradation as well as recovery from operational outages and significant cyber incidents,” DoD said. It continued, “Our commercial cloud solutions will use advances in technology to automate failover, solving a major deficiency throughout the Department. DoD will only be able to ensure continuity of operations for digital services. We will accomplish this by taking advantage of multi-region and multi-availability zone (AZ) architecture, which exists natively within major cloud providers, and pairing this with the effective deployment of secure Cloud Access Points (CAPs) to cloud-based cybersecurity solutions for increased resilience. DoD cloud architectures will allow for workloads to shift from one AZ or region to another, within a single cloud provider, nearly instantaneously upon detection of the failure of a primary data center. This will be vital in the case of human-made or natural destruction of a large geographic area.”
Driving IT reform at DoD by allowing the agency “to further consolidate its sprawling data center assets,” the agency said. “The Department still has an opportunity to further rationalize and has done significant work to rationalize and reduce data centers,” it said. “The cloud will provide an opportunity to accelerate and extend those consolidation opportunities, as well as the opportunity to deliver integrated Defensive Cyber Operations (DCO) and achieve efficiencies through rapid deployment of common services. An enterprise cloud perspective will enable more centralized cloud management and a broader availability of security service options for wider cloud adoption by DoD to include those DoD Components with smaller implementation staff,” it said.