The U.S. Navy is building on its experience in adopting commercial cloud services and further developed strategic approaches to cloud-delivered services and application development, a senior Navy tech official said during an August 10 ATARC virtual event.
Travis Methvin, deputy director of Business, Strategy, and Resources at the U.S. Department of Navy, elaborated at the event on the service branch’s cloud modernization experiences, and the value of platform scalability and security in its modernization efforts.
In its first approach to commercial cloud environments, Methvin said, the Navy utilized a lift- and-shift approach but “did not understand what should be there, how to move it there, and what our ultimate end-state would be.”
But the department has spent the last year and a half focusing on network and transport, and ensuring that its applications and users could operate in the cloud. The Navy, he said, is now transitioning network services from being cloud-tolerant, to being cloud-enabled.
“Over the next year, as the department continues to migrate to the cloud, you’ll see a strategic approach of how we do modern service delivery and modern application development to support the warfighters,” Methvin said.
Security has been a critical concern for the Navy as it continues to migrate to a cloud environment, and Methvin said the process of contract work with commercial service providers and running commercial cloud in the Department of Navy has presented some challenges on the security front.
For example, after undertaking analytic data projects, the department realized it had over 400 separate cloud contracts operating. And it exposed the fact that the department was having a hard time keeping up with and detecting those workloads.
“No longer can you look at it as the individual mission owner, but what the risk and exposure are to the Navy,” said Methvin.
Because of that, Methvin said the department began to take a holistic approach to deal with commercial cloud security concerns. By mixing technology, engineering, and business in the procurement of commercial cloud, the department is now evaluating the total cost of ownership, and impacts on security.