Pentagon CIO Talks Security, Mobility, Shared Services

Budget cuts and cybersecurity demands have led the Department of Defense to push increasing resources into a long-term strategy to create shared IT infrastructure across the military, CIO Teri Takai says.
Defense Robots: Fast, Flexible, And Tough
Defense Robots: Fast, Flexible, And Tough
(click image for larger view and for slideshow)
The Department of Defense has more than 100 people working on its Joint Information Enterprise strategy, a long-term plan for a common IT infrastructure--including shared networks, data centers, and IT services--across the military, DOD CIO Teri Takai said last week at InformationWeek Government's IT Leadership Forum in Washington, D.C.

Joint Information Enterprise (JIE) is not a new term for the military, but its use has again been on the rise in recent months as top DOD IT officials increasingly discuss the need in tough budgetary environments to consolidate and share IT resources. According to Takai, DOD is now hard at work on a timeline to implement the strategy.

"The concept that we're driving is really to bring together a lot of concepts," Takai said. "Today we provision our networks, data centers, and information on a service-by-service basis. Today they operate in a very siloed way. The idea is to think 'enterprise' going in, to bring together our physical data centers, our services, and our data, and we have to make sure that we can deploy quickly and rapidly in a much more standard way than we do today."

[ With an IT budget that hasn't grown in three years, federal IT leaders are looking to "cut and invest" to make their agencies more agile and efficient. See Federal CIO Touts Shared Services Model. ]

JIE will include a strategy for shared networks, shared security frameworks including common identity management, and more. According to Takai, a shared environment will improve security and collaboration, accelerate the development of new IT services and deployment of mobile devices, and will make heavy use of cloud computing.

However, she said, the "cadence and speed" with which this strategy will move will be determined in large part by the services themselves. This can now be seen in the DOD's enterprise email strategy. Takai has expressed an interest in moving all of the military to a common email infrastructure. The Army is now well underway in its move, and the Air Force is next up, but each service is moving at its own pace.

While the budget is a big driver for the JIE, information security is one of the key parts of the effort, and some of the improvement on that front will come from network consolidation, according to Takai.

"Networks haven't necessarily been designed with security in mind," she said. "It is very difficult to protect all these isolated enclaves, and so we are looking at what a Joint Information Environment would look like from that standpoint, from as much a cyber standpoint as an efficiency standpoint."

Increasingly, for example, the DOD is looking at security from an enterprise and data-level perspective, working on a common identity management framework, rolling out a public-key infrastructure on both classified and unclassified networks, and tagging data for security purposes.

Takai said that mobility should benefit from the shared security work. "We can't do a secure mobility strategy when we are trying to link into so many security frameworks," she said. "By looking at a joint environment, we'll able to deploy mobile devices much more rapidly."

The goal, she said, would be to get to a point where the military can certify mobile devices within 90 days, and then allow the services to select which devices to use. "Our role is to make sure [the devices] fit into the network," she said. "The important thing is that we can set the policy floor, and then the control, the acquisition, the contract for those devices, the services are going to look at the justification for that."

Eventually, Takai said, DOD will also use a federated model to bring the different services' mobile application stores together. This may be a longer-term plan, as the Army, the first service with a mobile app store, barely has the first pieces of its store up and running. However, Takai said that DOD is already starting to look at the design of the federated store, building on work done by the Army.

Takai said that the shared infrastructure should also help accelerate development time. Currently, the average cycle for the development of enterprise systems within the DOD is a glacial 81 months, Takai said. She hopes to decrease that to between six and 12 months by leveraging shared infrastructure and agile development methodologies.

"We tend to blame [the long acquisition cycle] on the acquisition process, but it's a problem that we have to solve from the bottom up," Takai said. "The concept here is to have environments where we are building applications on top of them, where we are not trying to rebuild the infrastructure every time."

The DOD's data center consolidation effort dovetails well with this philosophy. The military will close 115 data centers in fiscal 2012 and hopes that its consolidation effort will save DOD $700 million in annual spending within five years.

One byproduct of this work will be increasing use of cloud computing concepts. DOD has been working on an overarching cloud computing strategy for months, and the final strategy will tie in with the data center consolidation strategy, Takai said.

The DOD's strategy shares much in common with a new intelligence community effort to move the currently highly federated intelligence community into more of an enterprise IT model. The intelligence community and military have been sharing technical experts to work on their respective strategies, and Takai even went so far as to call the two efforts "identical strategies."

In our InformationWeek Government virtual event, Next Steps In Cybersecurity, experts will assess the state of cybersecurity in government and present strategies for creating a more secure IT infrastructure. It happens May 24.