DOD CIO sets direction for cloud that partners closely with industry
- By Barry Rosenberg
- Jul 26, 2012
Dave DeVries is deputy CIO for information enterprise in Teri Takai's DOD CIO office. A member of the Senior Executive Service, he was most recently deputy DOD CIO for information management, integration and technology, and also spent about two years as deputy director of Army Network Enterprise Technology Command (NETCOM).
He spoke to Defense Systems Editor-in-Chief Barry Rosenberg about cloud computing.
DS: Cloud computing and mobile communications for the military have both come onto the scene at about the same time. With mobile, for example, each of the services is engaged in a variety of pilot programs examining security and interoperability, for example. Is it the same with cloud computing, where each of the services are piloting their own clouds with the idea that everyone will neck down to a couple key clouds?
DeVries: I'll coach it this way. I don't want to have a thousand clouds out there, but I am not going to have one, single, big cloud. We have various pilots underway throughout the services today-and some are not pilots because they are actually doing it. We will not just arbitrarily say that we will collapse Cloud A into Cloud B, but we will look at the successful implementations of how data is stored and how do applications access that through an identity piece. We will incorporate those through best business practices, and extend them out to other communities of interest.
DS: Does the Office of the Secretary of Defense CIO office have any of its own cloud pilots, and is it the CIO office's plan to pick and choose over time the pilots that will go forward as programs?
DeVries: We do not have our own separate, individual pilot going. And I would proffer that the pilots are based upon user requirements, and are being met with the current cloud technologies of today. We in the CIO office, both in the DOD as well as in the services, are championing those efforts to meet the day-to-day needs of the warfighter. We are not becoming the service providers.
DS: In discussions of data-center consolidation and a reduction in the number of applications, for example, the talk is about killing applications, sustaining applications to kill and transitioning appropriate applications to the cloud. So what are appropriate applications for the cloud?
DeVries: That's on a case per case basis, and it really comes down to the definition of what one holds for the word cloud. There is public-facing cloud, there is private-facing cloud, there is government owned and operated, there is commercially operated. Suffice to say we are going toward those apps that have the need to share data amongst the greater set of customers then just locally resident where that data is currently stored. From a duty perspective there are so many areas here that this is right for.
DS: For example?
DeVries: In many respects today, the medical system that we have is looking like a cloud. We have hospitals at our installations around the world, and we have soldiers, sailors, airmen and marines there with their families. Their medical records are stored centrally and managed that way, but they are accessible at posts, camps and stations.
We are going into a new era with Veterans Affairs, and we are going to make that more easily usable by both the providers and the patients. We have got several things underway right now where we are consolidating the licenses of our existing e-mails into a central source. That would be a cloud-type environment, and then the users can get to their e-mail wherever they are around the globe.
DS: What are the lessons you're learning in watching the daily operation of commercial clouds such as Google's, which have been struck by system outages, that can be applied to military clouds?
DeVries: Number one, there is not a silver bullet for everything. There are different types of clouds, and so you have to look at what the data is, where the applications are going to be used, and by and for whom, and do those risk management things. You cannot get away from that.
Two, this is new territory. As you said, Google and other cloud providers learned some valuable lessons during the East Coast storms here recently, and we are examining how we construct these things and use the enabling infrastructure from the commercial side of the house. So it's important that we continue the dialog and do the lessons learned, as we also work together with our federal partners to create the reusability of many different things.
There's a wonderful program that's just starting up now called the FedRAMP (Federal Risk and Authorization Management), which is about the appropriate security controls around cloud offerings. So the dialogs continue to take place between the security folks and the operational folks about what I need to have and how I need to best secure it.
(Editor's Note: While Google cloud servers have experienced downtime in the past, the company's servers did not experience any downtime during the storms that hit the Washington, D.C., area at the end of June, according to a Google spokesperson.)
DS: What types of requests for proposals and procurements do you expect to be made for military cloud in the near term?
DeVries: Let me ask that in a different way, because I would not say RFPs in direct line for a cloud. It's really about what capabilities do I need, and here is the type of data or information I need to have and to share. That's the type of RFPs you will be seeing from the services; it's a capability requirement.
DS: What sort of capabilities, in particular?
DeVries: I think that it's the same as what the commercial world is up to today: how do I store the data, and then how do I secure it and how do I serve it back up again?
DS: With that in mind, what should industry be working on? What do they need to do in the next-generation of cloud products and capabilities?
DeVries: Reduce cost, provide great service and be transparent.
DS: Yes, things that they've all heard before.
DeVries: Exactly. This is a very competitive area, and this is true whether you are in the federal government space or in private.
Barry Rosenberg is editor-in-chief of Defense Systems. Follow him on Twitter: @BarryDefense.