A long-awaited update to the Defense Department’s cloud strategy gives a nod to the “multi-cloud” approach many of its vendors have urged the Pentagon to adopt. But the same document makes clear that the department still intends to move the majority of its applications to a cloud service operated by a single vendor.
The new strategy, released on Monday, envisions a mix of hosting environments: A “general purpose” cloud that will be provided through the department’s controversial JEDI contract, several “fit for purpose” clouds operated by other vendors and some remaining DoD-operated data centers that will continue to house applications that still aren’t cloud-ready.
But the goal is for systems to migrate to the “general purpose” infrastructure- and platform-as-a-service cloud unless there’s a compelling reason not to.
“Only when mission needs cannot be supported by general purpose will fit for purpose alternatives be explored,” Defense officials wrote in the strategy, signed by acting Defense Secretary Patrick Shanahan. “In such a case, a mission owner will be required to submit for approval an exception brief to the office of the DoD CIO describing the capability and why the general purpose cloud service does not support their mission.”
The document also makes clear who will be in charge of implementing, overseeing and governing the department’s cloud plans: DoD’s chief information officer. Initially, the JEDI effort had been led by a steering group made up of multiple DoD organizations; the first instantiation did not include the CIO’s office as a voting member.
“At some future date, once the general purpose cloud environment is fully implemented and fit for purpose implementations have matured, it is possible that overall leadership could be transitioned to a different organization inside DoD,” officials wrote. “The DoD CIO will establish an enterprise cloud organization with appropriate leadership and the required governance forums to ensure that overall objectives and implementation plans as described in this strategy are enacted. The DoD CIO will leverage existing governance forums to the greatest extent possible.”
DoD CIO task list
One of the CIO office’s tasks will be to begin scrutinizing the cloud environments the military services and defense agencies have already created or contracted for on their own. The office will work with those DoD organizations to either come up with “thoughtful” migration strategies to move to JEDI, or potentially give the clouds they’re already using an official “fit for purpose” blessing.
But the strategy strongly suggests that many of those existing clouds will not survive the process, because the Pentagon believes a proliferation of cloud environments across the department is already hindering interoperability.
“A lack of guidance has led to departmental inefficiencies and has hindered the department in IT modernization efforts,” the officials said. “It has led to disparate efforts with siloed teams, disjointed implementations with limited capability, siloed data and inefficient acquisitions that cannot take advantage of economies of scale.”
But more formal and written guidance is coming, officials promised. It will be drawn up in cross-agency forums organized by the CIO. Those forums will also come up with detailed implementation plans for how the department will move to the cloud.
The strategy itself offered few details about how DoD will accomplish its cloud migrations. Rather, it reads largely as a statement of principles and an explanation for why the department believes it must finally adopt the “cloud first” stance that the entire government was supposed to embrace more than eight years ago.
But the document did lay out five “lines of effort” DoD considers essential, and that will form the basis for a still-forthcoming “cloud migration playbook.”
In a statement, DoD CIO Dana Deasy said the strategy would pave the way for his office to consolidate the department’s IT services into a construct that’s more secure, scalable and reliable.
“This marks a milestone in our efforts to adopt the cloud and also in our larger efforts to modernize information technology across the DoD enterprise,” he said. “A modern digital infrastructure is critical to support the warfighter, defend against cyberattacks and enable the department to leverage emerging technologies like machine learning and artificial intelligence.”