The inconsistent security protocols across the federal government's decentralized IT architecture have made its entire information system a particularly inviting target for attacks by adversary states and rogue insiders.
There are compelling reasons for federal departments and agencies to move from a decentralized, ad hoc IT architecture to a cloud-based architecture. Decentralized systems are especially prone to computer-hygiene gremlins, such as when users fail to apply software security updates consistently and practice poor password discipline. Such lapses present a low bar for hackers trying to propagate cyber malware or steal data. This hygiene problem is largely absent from centrally administered cloud-based architectures. Enforced uniformity of security practices among all users of the cloud creates a preferable outcome from a security perspective.
Cloud-based architectures also offer additional advantages to our agencies, especially to the Department of Defense: the capacity for the massive scale-up of storage and computing capacity; the ability to increase or decrease storage capacity on demand; and the ability to meter demand so that the user pays only for services used.
In 2013, the intelligence community reacted swiftly to its networks' exposure to adversary cyber operations by moving all 17 intel agencies and their separate networks to a common, sole-sourced cloud-based architectural approach known as the Intelligence Community IT Enterprise (ICITE). The move has proved to be a significant advance over prior conditions. Nevertheless, it would be a mistake to conclude that this architectural approach best fulfills security and data management needs in the move to the cloud. Indeed, even among members of the intelligence community, the preference for agency-specific cloud storage has produced numerous "private clouds" within the larger cloud-based architecture.
The IT architectural challenge facing the Pentagon is approximately ten times the size and complexity of the intel agencies'. This alone calls into question the ability of a sole-source architecture such as the ICITE to meet the Department of Defense's needs.
In 2012, the Office of the Secretary of Defense ordered the Defense Science Board to conduct a study of security and reliability issues for a cloud-based architecture for the Pentagon. Noting the security needs and complexity of the military's data storage and processing requirements, the Defense Science Board concluded that "no cloud computing deployment model is uniformly suitable for hosting all DoD applications. In general, sensitive, classified, and time-critical DoD applications should be deployed only in private clouds or conventional non-cloud approaches."
The surge in the technical complexity of the Pentagon's operations in the five years since the Board made its recommendation has only reinforced its significance and timeliness. As the path of military modernization has continued -- toward autonomous operations, robotic systems, pervasive sensing, 24/7 multi-domain military operations and many other data and computationally intensive missions -- effective cloud-based security and data management have become fundamental. And there is still no "uniformly suitable" model.
Best practices in cloud use in the commercial sector affirm these observations. A 2016 Microsoft study found that 79% of the 1,734 surveyed firms in ten countries preferred a multi-cloud approach. Nearly one-third of those surveyed had four or more cloud service providers.
As the cloud services sector matures, the single-provider model for cloud services that was pioneered by the intelligence community may no longer be the preferred approach for organizations with significant security concerns. Increasing the number of cloud service providers may present differing cyber-attack challenges compared to a single cloud services provider. But multiple cloud service providers can raise the cost and risk to the attacker -- and the consequences of exposure -- even if no computer-based system can be made perfectly secure.