U.S. Army Reserve Maj. Jared Hrabak, a cyber officer with Cyber Protection Team 185 uses a common network scanning tool “masscan” to enumerate a network. during his unit’s Virtual Battle Assembly Aug. 9, 2020. 

Jan 11 2021

The Army Gives Remote Users Access to Data with Commercial Tech

The system leverages tools from Dell and others to offer secure access to classified information.

When Jeff Sicard was in the Army, handling logistics and support for operational sites in Afghanistan, he would typically work on four separate laptops at the same time. Each had access to a different network with a different level of protected information.

One allowed entry only to members of the U.S. armed forces with top-level security clearances. Two connected to NATO systems with different requirements for access. The fourth was an unclassified link to the internet. None of the networks could interconnect.

The setup required a maze of cables and space for four-plus pieces of hardware. “The footprint that has to be in place” made it nearly impossible to move locations or work remotely, explains Sicard, who is now a senior program manager for federal services at CDW•G. Plus, the Army’s security protocols traditionally restricted the flow of sensitive or classified information to offsite locations that lacked adequate safeguards.

DISCOVER: Find out how to design the technology that meets your agency’s unique needs.

Sicard and his CDW•G team, along with outside partners, have created a solution for military personnel to tap into multiple networks — including the most highly classified — from a single, remote device, using the same security standards.

Under a National Security Agency program that encourages government use of commercially designed software and hardware, CDW•G recently completed a pilot program with the Army to provide the new capability to 500 teleworkers based at Fort Gordon in Georgia.

“I’m not tied to the office,” Sicard says of what the technology accomplishes. “I have a smaller footprint and I’m able to access all the information systems that I need to hit.”

Even before the pandemic turned working from home into the norm and made secure access crucial, the Defense Department struggled to give employees flexibility to work remotely and handle protected data, says Sicard, whose military career spanned 29 years and included three tours in Afghanistan. Because DOD security architecture is so strict, it complicates the experience of offsite users, even for tasks as mundane as email. Outside developers have difficulty interfacing with the architecture’s various layers, Sicard says.

Army Leverages Dell Technology to Give Users Flexibility

The NSA started its Commercial Solutions for Classified program, or CSfC, about five years ago. CSfC was designed to enable government agencies to use commercial technology, which could be developed far more quickly and efficiency than through government procurement.

“What that’s done is it opened up competition,” says Keshun Morgan, federal solutions manager for CDW•G. “It lowered the price point for acquisitions for the government while increasing the functionality.”

CDW•G worked with Dell Technologies’ federal solutions group and Forcepoint on the Army’s pilot project. It combined CSfC-enabled architecture, data center modernization and cross-domain capability, Morgan says. The technology pulls multiple networks under one roof but in individual silos, with the protected data in each inaccessible to the others.

A cross-domain solution allows information to flow between exclusive networks, so a remote worker can move from one silo to another seamlessly, without the need for additional devices.

At the start of 2020, the CDW•G team had just passed the proof-of-concept stage with the Army and launched the pilot program, with no idea how relevant it would soon become. Then, suddenly, the Army needed to put the new protocol into action. The CDW•G team “catapulted” from proof of concept to deployment, Sicard says.

Normally, the development process would take several months as the team tweaked the technology, ironed out wrinkles and improved functionality. Instead, team members gave up many nights of sleep to get it up and running within weeks.

It was the equivalent of testing a new airplane while it was in flight, Morgan says. It required constant communication between the production team and the customer. Now through the testing phase, they’re focused on operation and maintenance.

“I wish we had the expedited measures we have now in terms of how to resolve the structural issues,” Sicard says.

The Army plans to expand the solution to about 2,000 users, said Maj. Gen. Maria Barrett, the Army’s commanding general of the Network Enterprise Technology Command, while speaking at a C4ISRNET event in October. “I can take it on a trip, I fire it up and I have full desktop functionality,” Barrett said of the new protocol, according to C4ISRNET. “I can do video teleconferencing, I can go to portals. So it’s not just email.”

MORE FROM FEDTECH: What does it mean practically to deploy zero-trust security?

Bringing Security to a Remote Work World

The high-speed timetable for the Army pilot provided valuable lessons, according to Sicard and Morgan. Now, with the experience to streamline development and the organization in place to move faster, CDW•G can offer that benefit to other customers with products adapted to their goals and needs.

“We are trying to truly understand the needs of the customer and customize the solution,” as opposed to taking a “cookie-cutter” approach, Sicard says. “We take on the ownership of the mission.”

CDW•G also has developed a portable pod that provides an on-premises cloud environment in remote locations. The Air Force is using it to give some personnel secure access for training purposes, Sicard says.

These tools have potential applications for any federal agency or business sector, he says. A local police department could even use it, for example, to share private information with a state agency, Morgan added.

Replace the government term “classified” with the word “secure,” Morgan suggested.

“Now we’re speaking the language of any organization,” he says, “if you need to have a secure data exchange and you can no longer go into the office to support it.”

Brought to you by:

U.S. Army Photo

aaa 1