Strategies for delivering on the promise of JIE
- By Joel Dolisy
- Mar 07, 2016
The Defense Department’s Joint Information Environment (JIE) is like a grand mosaic of federal IT complexity – big and beautiful, yet extraordinarily complicated.
The goals behind it are simple: increase military interoperability, streamline operations, improve cybersecurity, and reduce costs. In reality, it’s a huge initiative to create a unified command and communications network that DOD hopes will represent nothing less than “the future of partnerships.”
2014 DOD report, is rife with “exploitable cyber vulnerabilities.” It also requires a leap of technological and cultural faith, asking representatives of the Army, Navy, Air Force and Marines to forgo the years spent cultivating their own networks in favor of a single, collapsed system.
Consolidation itself presents challenges. A single network offers particular risks. Instead of spreading the wealth among different agencies, DOD is essentially inviting enterprising hackers to gain access to the entire operation. Now, more than ever, the organization needs to employ advanced security strategies and gain keen insight into the entirety of its network. This makes an already challenging job even trickier.
However, as any soldier knows, wars are fought one battle at a time. Federal IT administrators should approach the implementation of the JIE with the same perspective by focusing on a few key strategies.
Closely monitor all access points
One of the first big projects being implemented under the JIE framework is the Defense Information Systems Agency’s Joint Regional Security Stacks (JRRS). By reducing the number of network access points, the JRSS will minimize infiltration and attack surface, and give IT administrators fewer areas to worry about.
However, there will still be vulnerable places within the evolving JIE. Administrators must be cognizant of these areas and remain vigilant to the possibility of threats.
Implementing network performance monitoring and configuration management tools can help in this task. They can monitor access points and allow administrators to proactively track wireless clients. This can be particularly instrumental in keeping an eye out for rogue devices that may threaten the JIE and solidify DOD’s effort toward minimizing potential risks.
Actively manage device and user access
As the JIE is deployed, it will be heavily taxed by thousands of users and devices trying to access the network. This type of “communications soup” is an attractive target for hackers, who may see an opportunity for their intrusions to become lost in a maze of incessant, albeit legitimate, network activity.
DOD administrators should implement systems that allow them to track connected devices and, if necessary, identify their users by MAC and IP addresses. They should receive alerts on illicit activity and be able to trace any potential threats back to a specific device and individual. It’s a potent way to keep bad actors from accessing information or taking down the JIE.
Gain better visibility and control
Consolidation of networks and resources will give DOD administrators the ability to monitor and control everything that is happening across agencies. This is different from today, where each agency’s network has its own protocols, structure and design.
Under the JIE, administrators will have more standardized networks to let them more easily monitor all agency communications and information sharing. For instance, Navy administrators will now have the ability to monitor, report and react to faults or security threats that could impact the rest of the armed forces. They can fix it or share the information with their brothers and sisters in arms. This is the heart of the JIE vision – bringing all of the services together through enhanced information sharing by way of a single network.
Ensure that everyone is on board
Still, bringing everyone together may be easier said than done. The United States military has a history of working in a siloed environment, with each agency and service operating under its own system. It’s one thing to break down these barriers from a technology standpoint, but quite another to ask people who have been trained a certain way to readily accept something that, while beneficial, will ultimately be a significant cultural change.
However, our current IT practices have taught us that the old ways of doing things no longer apply. The cloud and need for greater agility and collaboration, along with initiatives like DevOps, have changed the role of today’s IT administrators. They’re becoming far more used to adaptability than stability. In that sense, the groundwork has already been laid for the JIE, at least in a cultural sense.
That’s good, because DOD’s consolidation efforts are going to up the ante when it comes to being adaptable. There’s no doubt that everyone’s going to have to be on their toes, but they can at least lean on technology to make the job easier while helping the network reach its full potential.
Joel Dolisy is the CIO at SolarWinds.