recommended reading

DISA poised to become Pentagon's top cloud computing supplier

The Defense Information Systems Agency is "uniquely positioned" to become the leading provider of cloud computing services to the Defense Department for both unclassified and classified data, Dave Mihelcic, the agency's chief technology officer, told Nextgov.

Cloud computing is gradually replacing the current structure built on accessing data and applications locally with a networked system that stores data in remote centers. On Dec. 9, 2010, the Office of Management and Budget directed all federal departments to follow a "cloud first" policy to meet their computing needs, rather than buy new hardware and software.

DISA operates 14 data centers around the world with a current storage capacity of 3.7 petabytes connected by the broadband Defense network, the Global Information Grid. (One petabyte is a quadrillion bytes and can store data equal to the paper in 20 million four-drawer file cabinets.) Mihelcic said this is a combination that will meet the military's cloud computing security requirements.

By using the DISA cloud environment, Mihelcic said, Defense can meet the OMB mandate, help reduce the number of data centers and save money, though he declined to put a dollar figure on the savings.

While the 2011 Defense Authorization Act passed last month called on the Pentagon to evaluate commercial providers as a source for cloud computing services, Mihelcic said the best way to ensure the security of sensitive data is to use the DISA cloud.

DISA offers military departments and agencies far more than just raw storage and bandwidth, Mihelcic said. It also offers applications hosting and technology that moves data closer to end users. Last October the Army signed an agreement with DISA to host all its e-mail, which means serving 1.4 million unclassified users and 200,000 secret users in the DISA cloud, at an estimated cost savings of $100 million a year.

The Naval Sea Systems Command runs its Web services and ship system design in the DISA cloud, Mihelcic said, while the Air Force uses DISA cloud services for its Global Support System, which includes more than 400 logistics, finance and personnel applications.

Its global network enables DISA to move applications closer to end users who operate in austere, remote bandwidth-deprived environments, through its GIG Content Delivery System. That system taps a network of globally deployed servers to speed up connections and minimize download times.

The service is based on technology developed by Akamai Technologies Inc. to serve major commercial Web outlets with a network of distributed servers, Mihelcic said.

To beef up its ability to serve remote users, Mihelcic said, DISA is developing a data center in a transportable shipping container that houses servers and routers and easy-to-hook-up power connections, a concept pioneered by Google in 2009.

DISA ensures against an application being knocked out by a power failure by distributing applications among its family of data centers. It also provides redundant, backup hosting in case a data center does go down, Mihelcic said.

The agency charges for its services, and Mihelcic believes DISA can be competitive with commercial providers, particularly when the security it offers is factored in.

While Mihelcic portrayed DISA as the "go to" shop on Defense for cloud services, the Army has an ongoing competition for its own private cloud computing environment, bids for which are due on Feb. 22. Mihelcic said DISA did not pursue the Army cloud opportunity "because we are not interested in competing with private industry."

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.