JEDI delay impacts classified cloud provisioning

cloud-based security (Omelchenko/Shutterstock.com)

Cloud

JEDI delay impacts classified cloud provisioning

A federal court hit the brakes on the Defense Department's multi-billion-dollar Joint Enterprise Defense Infrastructure cloud program, granting a temporary injunction on Microsoft's work in response to Amazon Web Service's lawsuit. Microsoft was awarded the contract in October.

In filings by U.S. government attorneys arguing against the injunction, defense officials said that JEDI needed to move forward despite the ongoing lawsuit for reasons of national security because delays would cost DOD $5 million to $7 million a month. Additionally, any delay would push back testing of a tool designed to execute cloud provisioning in the classified space more seamlessly and efficiently than is currently possible.

Currently DOD has no mechanism for buying classified cloud services directly from a vendor. There is now a gap of "weeks or months" between an order being submitted and verified in DOD's contracting systems and it being executed on the vendor side, because of security checks and requirements, Sharon Woods, the director and program manager of the Cloud Computing Program Office in the DOD's CIO shop, explained in sworn declaration dated Jan. 31 and released with redactions on Feb. 12.

"The potential security implications of mishandling this process are enormous," Woods stated.

To reduce this gap, the Cloud Computing Program Office entered into a contract in March 2018 -- while JEDI was still being developed -- to create a tool that, as Woods stated, "automates this process gap in a manner that supports user authentication and security auditing."

DOD acquired this service more than a year ahead of the planned JEDI award to make sure the tool was in place at launch. In a footnote to her declaration, Woods explained that the CIA "did not automate provisioning when it first launched Commercial Cloud Services (C2S), and expressed to DOD that its failure to do so earlier was one of its more significant lessons learned."

The ordering tool will still need to be tested at the unclassified level. That can't happen, Woods explained, if JEDI isn't open for business. "It cannot be deployed into the classified environment until at the unclassified level it is validated as functioning properly and the reporting and auditing capabilities are more mature," she stated.

The JEDI procurement has been embroiled in controversy extending to the White House. President Donald Trump made comments in July suggesting he would "look into" the "tremendous" problems with the JEDI buy. Amazon complained about those comments in its lawsuit against the Defense Department, asserting the White House tampered with the award process.

The AWS complaint also asserted that senior DOD officials, including the Defense Secretary Mark Esper and CIO Dana Deasy, were "uniquely susceptible" to pressure from Trump and that such political influence was likely present throughout the decision chain.

This article combines two reports first posted on FCW, a sibling site to Defense Systems.


About the Authors

Adam Mazmanian is executive editor of FCW.

Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy and the Department of Veterans Affairs. Prior to joining FCW, Mazmanian was technology correspondent for National Journal and served in a variety of editorial roles at B2B news service SmartBrief. Mazmanian has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, New York Press, Architect Magazine and other publications.

Click here for previous articles by Mazmanian. Connect with him on Twitter at @thisismaz.

Lauren C. Williams is a staff writer at FCW covering defense and cybersecurity.

Prior to joining FCW, Williams was the tech reporter for ThinkProgress, where she covered everything from internet culture to national security issues. In past positions, Williams covered health care, politics and crime for various publications, including The Seattle Times.

Williams graduated with a master's in journalism from the University of Maryland, College Park and a bachelor's in dietetics from the University of Delaware. She can be contacted at lwilliams@fcw.com, or follow her on Twitter @lalaurenista.

Click here for previous articles by Wiliams.


Let's block ads! (Why?)



from Defense Systems: All Articles https://ift.tt/2uY3GMh
via Defens News
JEDI delay impacts classified cloud provisioning JEDI delay impacts classified cloud provisioning Reviewed by Unknown on 08:02:00 Rating: 5

No comments:

Defense Alert. Powered by Blogger.