recommended reading

Navy CIO Tells Units to Use Commercial Cloud Services for Public Information


Navy Chief Information Officer Terry Halvorsen directed the Navy and Marine Corps to use to commercial cloud service providers to host publicly releasable information. The decision follows a successful pilot of the Navy secretary’s public website on an Amazon Web Services cloud.

In an April 1 policy memo released last Friday, Halvorsen said Navy and Marine Corps information systems that contain only information previously approved for public release will move to commercial cloud service providers “unless a more cost effective DoD solution is identified.”

According to the memo, systems for which “the loss of confidentiality, integrity, and availability could be expected to have limited adverse effect” will be candidates for moving to commercial clouds.

The Navy’s decision to use commercial cloud services puts a dent in plans by DISA to become the premier hosting organization for Defense at its data centers. Bernie Skoch, a consultant and retired Air Force brigadier general who did a tour at DISA, said centrally managed services facilities need to be ready to justify their existence in the current budget climate.

Skoch said that organization like DISA need to react quickly to the needs of their users and customers. “Time will tell if any services agency has the agility and efficiency to put responsive processes in place that adequately address a broad variety of users' needs fast enough and cheaply enough.”

The shift to commercial cloud services complies with the 2012 National Defense Authorization Act, which mandated “migration of Defense data and government-provided services from department-owned and operated data centers to cloud computing services generally available within the private sector that provide a better capability at a lower cost with the same or greater degree of security.”

The Navy CIO’s office said the Amazon Web Services pilot hosting the Secretary of the Navy public website fits with this Congressional mandate. The innovative decision to host the data in a commercial cloud environment resulted from an analysis of several factors, the most important being the type of data stored in the portal, hosting costs and security requirements,” the post said.

Defense CIO Teri Takai designated the Defense Information Systems Agency as the enterprise cloud services broker for the department in a June 2012 memo that charged DISA with management and delivery of internal or commercial computing services, including adherence to information security and cybersecurity policies.

Halvorsen said in his memo the Navy cannot use DISA as a broker because “the broker concept is still being developed by DoD and is not fully in place,” which means the Navy has to pursue it own course. “Pending further guidance from the DoD CIO, the DON must move forward and employ capable solutions that meet mission and security requirements and provide the best value,” Halvorsen said.

Security and cost are key concerns as the Navy moves into the cloud world, Halvorsen said.  Initial projects will help the Navy define its security documentation and certification standards and processes that are unique to cloud systems, the memo said. Halvorsen said the Navy also will conduct an analysis on how to identify the most cost effective hosting environment for information systems that require more stringent security.

(Image via ClickHere/

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.


When you download a report, your information may be shared with the underwriters of that document.