While the IC’s research organization looks into adding security to cloud environments, in the here and now, intelligence agencies are sharing more data.
Like other Department of Defense Components, the Army Corps of Engineers (CoE) is moving ahead with a department-wide shift to Microsoft’s Windows 10. Yet the CoE is also looking to adopt more cloud-based tools to make itself a more nimble and increasingly efficient DOD component.
The Army Corps of Engineers’ CIO Greg Garcia, who assumed the post in February after spending the more than three years running the Army IT Agency, says the Windows 10 upgrade is a major priority for the CoE, but is not the only project in the works.
In addition to the major software upgrade, the CoE is launching two other significant initiatives: the Army’s move to the Joint Regional Security Stacks (JRSS) and its use of Office 365 in the cloud.
For now, the Windows 10 migration is front of mind, as top DOD officials have set a deadline of January 2017 for the department to adopt the new platform.
“Windows 10 is a great opportunity to move the user experience and the cybersecurity forward together. We’ve started with some initial activities to plan the migration for Windows 10,” Garcia told Federal News Radio.
Garcia says that the major hurdle for the Windows 10 migration within the CoE relates to application updates. “What you find out is the application and the application testing is generally where the rubber meets the road for success or not success,” he says. “The ability of users to get to email and all that works great, but if you are hitting information systems via browser, you’ve got to make sure that works. We have many, many applications we will have to push through.”
The Windows 10 upgrade at the DOD is using a “secure host baseline” that includes not only the Windows 10 operating system, but additional mission-specific secure applications that have been preconfigured as well. In the past, previous operating system upgrades that DOD undertook only included the operating system software.
According to a statement from DOD, the Secure Host Baseline approach to the transition was developed via collaboration with the military branches and other DOD components, including the DOD Chief Information Office, National Security Agency and Defense Information Systems Agency (DISA).
Garcia says the CoE has tested pilot implementations through DISA and the Army of what the secure host baseline is going to be. “DISA is refining the release and pushing it to the Army, and the Army will work on it through our great partners at Network Command,” he says. “Really the difficult part is assessing those [applications] against the secure host baseline and making sure the applications perform well.”
The CoE is not worried about the functionality of standard applications used across the DOD, but instead on its mission-specific applications. “The big Army doesn’t use a lot of our applications because they are very much involved in other aspects of the mission, where we will have unique civil works applications or things involved in project construction and how we do our finances, because the Corps is financed through many mechanisms that are not the same as in DOD,” he says. “Those are the big systems that we really have to pay special attention to, get them copies of the baseline early, and spend some time in the critical path to get them to be allowed to figure out what works and what doesn’t work. Then if there is a modification or advancement required, there is cycle time to get that done and tested again.”
Meanwhile, Brigadier Gen. Dennis Crall, CIO of the Marine Corps, said at an AFCEA DC event on May 11 in Arlington, Va., that the Marines understand the benefits of the secure host baseline approach and moving to Windows 10; however, they are having difficulty achieving those benefits because of the hardware requirements associated with the platform. He said that the Marines initially thought 60 to 70 percent of the service branch’s Windows devices could be updated over the network without the need to upgrade hardware, but that was a wildly optimistic estimate.
“Hardware that is older than a couple years is having more difficulty than hardware that is new,” Crall said. “And when you look at what ‘new’ means to DoD … in many cases, we purchase yesterday’s technology tomorrow. A lot of our brand-new systems out-of-the-box are having difficulty with the upgrade, and we didn’t anticipate that.
“We’re working with Microsoft engineers … and I’m very optimistic that number of acceptance will increase, that we’ll work through some of these challenges. But there’s going to be a break point between the human labor costs that make that work and what it would cost to refresh equipment outright,” he said.
Garcia says the CoE is on board with the Army’s move to the JRSS and its use of Office 365 in the cloud. JRSS is a suite of equipment that performs firewall functions, intrusion detection and prevention, enterprise management, virtual routing and forwarding (VRF), and provides a host of network security capabilities.
Each physical stack is comprised of racks of equipment which enable Big Data analytics, allowing DOD components to intake large sets of data to the cloud and provide the platforms for processing data, as well as the mechanism to help analysts make sense of the data.
Garcia says CoE tested a Level-2, non-restricted cloud, as well as collaboration tools. “It was kind of fun. We actually had an Apple phone, an Android phone, a Windows tablet, a desktop computer and an Apple watch, and we were all collaborating over a series of charts. It was really kind of exciting about this power of collaboration and knowledge sharing,” he says. “That drives our ability to move to what we are projecting will be a Level-5 cloud by summer. What we are doing is partnering with our great friends in the Air Force and the Defense Logistics Agency.”