The Defense Information Systems Agency will play a major role in deciding how the Defense Department adopts cloud computing services and products.
DISA will serve as the department’s enterprise cloud service broker, which means all DoD components must acquire government or industry-provided cloud services using DISA, according to a June 26 memo from DoD chief information officer Teresa Takai that was released Wednesday. The only exception is to obtain a waiver from a review authority designated by Takai.
DISA will work on behalf of the department to manage the use, performance and delivery of cloud services and negotiate contracts between cloud service providers and DoD consumers. The memo does not detail how DISA’s relationship with DoD will work in the event that DISA is competing for DoD’s cloud business. Currently, DISA provides cloud email services for the Army.
Takai said DISA will make it easier, safer and more productive for DoD to consume and maintain cloud services internally and from other federal and commercial providers. DISA will help DoD adopt cloud services categorized as low or moderate in terms of potential impact on organizational operations and assets.
DISA will also ensure that cloud offerings comply with DoD’s information assurance and cybersecurity policies.
Under the 2012 Defense Authorization Act, DoD must develop a strategy to move its data and services from department-owned and -operated data centers to cloud computing solutions. Cloud solutions “provide a better capability at a lower cost with the same or greater degree of security” and are generally available in the private sector, the law says.
Takai’s memo uses similar language.
“The designation of DISA as the DoD enterprise cloud service broker is intended to promote use of cloud computing services generally available within the private sector that provide a better capability at a lower cost with the same or greater degree of security as government-provided services,” Takai said.
