The Defense Department wants to convert its key telework tool, the Commercial Virtual Remote (CVR) environment, to a permanent capability by next summer.
John Sherman, then CIO of the intelligence community, speaking in Omaha, Neb. in 2018 at the DODIIS Worldwide Conference. (DOD photo by Brian Murphy)
The Defense Department wants to convert its key telework tool, the Commercial Virtual Remote (CVR) environment, to a permanent capability by next summer, according to John Sherman, DOD's principal deputy CIO.
CVR, which is the Defense Department's version of Microsoft Teams, has been extended for use until June 2021, Sherman said Oct. 28 during C4ISRNET's CyberCon event, with the goal is to move to a more enduring capability.
"We are currently working on a more enduring [Microsoft] Office 365 base capability," with higher security capabilities, he said.
The Defense Department rolled out CVR earlier this year to accommodate teleworking in response to the pandemic. But a permanent version of the capability has different security needs, Sherman said.
CVR currently holds a cloud security level of Impact Level 2, which is sufficient to support telework, he said. The new capability would need an Impact Level 5 that keeps the "same functionality" as CVR, which allows communication between access levels and with users outside of the Department of Defense Information Network, and permits users to bring their own approved devices.
"We're working to bake that into an enduring solution in the run up to June 2021 when we hand the baton off [from] CVR," Sherman said.
The pivot to telework-friendly tools seems to be spreading in the national security arena. The National Security Agency's CIO, Gregory Smithberger, indicated in August that the agency wanted to increase its use of Microsoft Office 365 across all classification levels.
But that broad adoption, especially with higher rates of telework, means cybersecurity becomes more important. Attempts to compromise DOD's network and users spiked practically as soon as the Defense Department directed personnel to use maximum telework in March. Sherman said that trend has continued with new threats increasing.
"Education has been critical," he said, "to get the word out to these users on these telework platforms that they do need to be extra cautious here -- and that we don't want to down-classify things or do something that's not proper and talk around things."