The Department of the Navy, which is in the early stages of cloud adoption, will take a hybrid approach to the technology, says Department of the Navy CIO Terry Halvorsen, who oversees IT for both the Navy and the Marine Corps.
“We will have some data housed in purely commercial clouds, some data that will be in blended, semiprivate clouds, so to speak, where we are with other government or Department of Defense partners, and then there will be some places where we will use a purely private cloud because of the sensitivity and value of the data,” he says. “That could be a Navy cloud, a Marine Corps cloud or it could be a Defense Information Systems Agency cloud. We will base that on what meets the mission at the best cost.”
The Department of the Navy is conducting an inventory of its applications and data to determine what type of cloud they should be housed in. Low-impact or public information would be housed in commercial clouds, while more sensitive or classified data would be housed in semiprivate or private clouds, he says.
“One of the things we have to do to take full advantage of the cloud is really understand the risk and the value associated with our data, and we are embarking on that,” he says.
As for cloud adoption, the department is focusing on low-impact information systems and mission functions first, Halvorsen says. For example, the service in April announced that a commercial cloud provider now hosts the Secretary of the Navy’s public-facing information portal.
Moving forward, the department will rely on DISA as its enterprise cloud service broker. When the Defense Department announced its cloud strategy in July 2012, it stated that DISA would continue to develop and host private cloud services, but that it would also broker deals with commercial cloud providers to provide cloud services to DOD.
The combined buying power of the Army, Navy, Air Force and Marines should provide the military lower-cost cloud solutions than if they purchase them individually, Halvorsen says. DISA will also help to ensure that the commercial providers meet all cybersecurity requirements, he says.
While the Department of the Navy’s primary goal is to save money through the cloud, the technology can also improve security and increase mobility through the use of virtual desktops, Halvorsen says.
The department has begun deploying virtual desktops, allowing users to access their applications and data on a variety of computing devices that are Common Access Card-enabled, from desktop computers to tablets. If a tablet gets lost or stolen, no data is lost because all the information is housed in the cloud, he says. In two years, Halvorsen hopes to migrate one-third or more of the department’s users to a virtual desktop.
“We will continue to grow the number of virtual desktop users as it becomes a more cost-effective solution and as more apps can become more cloud-enabled,” he says.
Overall, as cloud technologies change and improve, so too will the Department of the Navy’s cloud strategy, Halvorsen says.
“You don’t want to base the biggest part of your enterprise IT business on cutting-edge technology. You want to be right in the sweet spot. I think we are figuring what the sweet spot is for the cloud,” he says. “It is a changing dynamic, something we have to continuously look at because the technology will keep changing. The security in some places will get better. The ability to compress data will get better. As all that improves, we will change our business and mission model.”
Elsewhere, the Marine Corps is also focused on the enterprise cloud. During the past year, the service has built a cloud laboratory at Camp Pendelton, Calif. It was designed to emulate the Marines’ enterprise environment, so the service can evaluate technologies and determine how best to transition to a private cloud in the coming years.
The Marines’ long-term strategy is to build software as a service, infrastructure as a service and platform as a service offerings, says Jeremy Cucco, the Marines’ advanced project manager for enterprise cloud and service-oriented architecture/information systems technical lead.
“We have a lot in place right now. We have demonstrated an infrastructure as a service capability. We’ve focused on the virtualization layer, the automatic provisioning of services and measuring capacity of services. We’ve done quite a bit,” he says. “The strong focus is to determine what we can accomplish and what we are missing, and see how this will save money and improve efficiency.”