Nuclear weapons security agency moving apps to cloud

The National Nuclear Security Administration tells Congress it has more ideas for hybrid cloud platforms on its secure enterprise network.

cloud analysis (istorsvetlana/

The National Nuclear Security Administration plans to deploy the initial phases of a number of hybrid cloud platforms to support its secure IT networks and applications.

The planned deployments, the NNSA told Congress in its annual report on its oversight of the nation's nuclear weapons and nonproliferation duties, is part of an ongoing effort to mitigate cybersecurity risks for some of its non-nuclear IT systems through common platforms.

NNSA posted the report online on July 31.

The agency's CIO reported that in fiscal 2020 it plans to deploy the initial phase of an expansion of its Enterprise Secure Network (ESN) with a hybrid cloud platform for its West Coast communications hub to enable secure applications hosting for Lawrence Livermore National Laboratory.

It also plans an initial deployment of a hybrid platform for its East Coast data center for classified application hosting as well as a hybrid cloud platform that will support the Joint Technology Demonstrator project for Weapons Activities at its Kansas City Nuclear Security Campus near Kansas City, Mo.

NNSA began the ESN project almost 10 years ago to facilitate sharing classified data, secure communications and improve workflow for its many operations across what the agency calls the Nuclear Security Enterprise. The NSE is made up of the NNSA's nuclear production sites, as well as Los Alamos National Laboratory, Lawrence Livermore National Laboratory and Sandia National Laboratories, which are involved in nuclear weapons research.

The common platforms, said the office, can help mitigate a growing risk from "the necessary use of a global IT supply chain" that supports weapons programs. That supply chain cybersecurity risk, it said, is driving the evolution and implementation of ESN.

The agency said part of its mitigation of supply chain risks is to build an enterprise infrastructure that has tighter control over validation and distribution of software and hardware.