NSA’s move to the cloud includes something borrowed, something new

The National Security Agency is taking a page from the commercial service providers as it sets up three different cloud services . But NSA is doing cloud computing in its own special way.

Greg Smithberger, the NSA chief information officer, said the agency is bringing the Intelligence Community IT Enterprise (ICITE) program to reality by taking some of the concepts of the commercial cloud and applying special cybersecurity technologies on top.

“NSA and CIA are actually building several different types of cloud offerings to provide common services for the entire U.S. intelligence community, but in a high security environment,” he said. “Together we are providing shared utility computing cloud. This is very similar to the sort of commercial cloud offering that everyone is familiar with, but in this case we are offering it inside our very secure environment. We’re also providing a shared data storage cloud for the intelligence community that allows us to integrate data from across the community while still maintaining that very fine grained access control and enforcing that need to know. That’s based on a lot of that unique technology developed at NSA. We also are providing shared resources for the community that allows people from across the community to run shared data analytics on that shared data repository while still ensuring users only see the data they personally authorized to see.”

Smithberger said all three clouds are operational today with the help of government contractors and are being used by IC agencies.

But NSA and its IC partners are expanding and scaling out these initial foundational capabilities. The end goal, he said, is to get capabilities delivered to the analysts that will let them more easily and more routinely collaborate across the IC.

Smithberger said the rate of adoption is different throughout the IC. He said NSA is using the shared storage cloud and resources for analytics aggressively, while others in the IC are working those tools into their processes.

“It is successful but we have a ways to go to before we realize the DNI’s full vision for the full collaborate joint environment for the intelligence community and it has other components than the cloud components,” he said.

NSA also is planning to adopt the shared desktop environment led by the Defense Intelligence Agency and the National Geospatial Intelligence Agency. He said it’s similar to the virtual desktop environment currently in use at NSA.

“NSA is going to be adopting that as we move to our next generation desktop. That will probably be in the next couple of years,” Smithberger said. “We’ll be starting to experiment in the near term. It’s really the same concepts. They had access to our solution and they have certainly adopted aspects of that, and they have also looked at alternatives in some areas. Their solution is similar enough to ours that we don’t think it’s going to be that painful to integrate it into our basic desktop environment.”

NSA is preparing for a new contract as part of its typical desktop refresh cycle. Smithberger said he expects to have a few thousand users on the share desktop in the coming year, but the major transition will not happen until the contract is awarded in 2017 or 2018.

Beyond ICITE, Smithberger said there are several other IT priorities his office is focusing on such as transitioning legacy systems to a modern infrastructure.

Cybersecurity, of course, is at the top of that list.

He said keeping the NSA network secure through the use of the agency’s expertise and knowledge.

Smithberger said the catch is to integrate with IC and non-IC partners to understand cyber threats and how best to mitigate them.

Big data is another major priority for the mission and internal security areas.

“We are constantly experimenting in how to use big data analysts in focused and precise ways while still maintaining our fine grain security. That’s been a fun area of adaptation for some time now,” he said. “NSA is using the same technology that is used by industry to process big data as well as some technology that we’ve developed ourselves. But we have sort of an interesting twist on this. Our foreign intelligence mission, our signals intelligence mission is done in a pretty focused way. The challenge is to use the same technology, but in a focused way and still ensure what we are doing is consistent with the protection of privacy rights. So we have to tune and adapt the technology to really fit within the way we conduct our mission. So part of what we are doing is that. And then part of it is applying those methodologies to various missions we have. We are using this technology as a force multiplier for our analysts to ensure that they are spending their time on what’s most productive. We are using the same technology to help us identify malicious activity and provide real-time alerts to various elements of U.S. government who both have a cyber defense mission and those who potentially are victims.”

Mobility is a third area that NSA is looking further into as well. Smithberger said one of the main focus areas is how best to take advantage of mobility inside the agency’s sensitive networks.

Related Stories