recommended reading

Pentagon to Industry: How Should We Do Cloud-Based Email for 1.6 Million Employees?

VLADGRIN/Shutterstock.com

The Pentagon’s next-generation unclassified email system may exist entirely in the cloud.

Before it does, the Defense Information Systems Agency – the Pentagon’s information technology arm – wants to gather “information, comments, capabilities and recommendations” from industry stakeholders, according to a notice posted this month.

DISA wants to replace its 3-year-old DOD Enterprise Email calendaring and email service capabilities “with a more cost-effective commercial cloud-based service” for more than 1.6 million users.  The notice states DOD’s evolving security policies have the Pentagon better prepared than ever to catch up with evolving technologies.

The notice goes on to state that, “While we recognize that shared cloud environments may provide significant opportunities, they also present unique risks to DOD data and systems that must be addressed.”

That suggests the Pentagon is most interested in one of two approaches.

The first is an on-premise deployment approach in which a commercial vendor would offer cloud-based email services from within DOD facilities. In this scenario, DOD emails are stored within DOD facilities and vendors would have to define requirements for hosting data within those facilities.

In the second – and likely, more cost-effective – scenario, the commercial vendor would offer cloud-based email and calendaring services from within its own facilities, with a secure connection between DOD networks and the cloud sharing data back and forth. In this scenario, DOD does not have to pay for hardware or managing data centers, which are typically large expenses.

Either scenario must conform with rigorous cybersecurity requirements that govern how DOD handles unclassified information in the cloud.

“We realize that each hosting approach is associated with a number of planning, technical and contracting considerations and we solicit vendor feedback and recommendations on approaches that would maximize effectiveness and cost efficiency,” the notice states.

Vendors and industry stakeholders have until Oct. 15 to respond. DISA officials are likely to use feedback in a potential request for proposals that could follow.

(Image via VLADGRIN/ Shutterstock.com)

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov