Federal agencies revamp cloud security strategy

Of all the federal agencies that have employed a cloud-heavy IT strategy in recent years, the Department of Defense has been the most outspoken and active, leading the charge for other organizations to follow suit in their own consolidation and migration goals. As cloud computing is met with increasing acceptance throughout sectors both private and public, the DoD remains ahead of the curve, honing in on objectives such as security advancements and new policies that promote and protect remote access for end users. This agency will continue to set the bar with regard to the cloud and beyond.

Strategic shifts
The Defense Information Systems Agency has always been a close partner of the DoD, providing the agency with consulting and procurement of cloud resources and other IT assets. According to a recent article from Federal Times, however, DISA and DoD are entering a new era of partnership, focusing on development of its cyber security profile and offering more high-level guidance for its overarching strategies. Cloud support for the DoD Information Network will also be prioritized in this restructured relationship, bridging gaps between commercial and private cloud services for the infrastructure.

"DISA is going to be moving away from participation as cloud broker and in cloud services, with more focus on providing security guidelines to include security reference models, the basis in determining costs and the types of applications that are candidates for cloud services," said Alfred Rivera, DISA acting director of strategic planning and information, according to the source.

Federal Times explained that while this change does not mark a significant departure from the norm for DoD officials and their interactions with DISA, it will ensure that these organizations stay on the mark with regard to their future aspirations in the cloud and other IT strategies such as virtualization and remote access resource procurement. As DoD and other federal agencies promote the protection and agility of their cloud systems, assistance from DISA should help boost accountability and expedite processes to stay ahead of the curve on new technologies.

Big-picture goals
According to Defense Systems, DISA's new role is part of a larger plan to centralize cyber defense operations in arrangement with the U.S. Cyber Command. With stronger connections to the DoD, DISA will be able to promote a more coordinated defense strategy across the federal spectrum, private sector entities and the national infrastructure at large. The operational construct will allow Cyber Command to perform more tactical operations and offer additional protection to networks throughout various smaller departments.

"We have to give DISA the ability to come up with a command-and-control node that can coordinate with others in defending the DoD information networks," Admiral Michael Rogers, head of the Cyber Command and the National Security Agency, told the news source.

The demand for stronger security will not let up anytime soon, and as federal decision-makers continue to push for the adoption of cloud resources, they must make sure their strategies are aligned with the nation's protective strategies overall.