The Case For Defense Department Cloud Computing

John R. Forbes (Redmond, WA) —

The fiscal year 2012 Defense budget request has a distinct tone from previous requests. Not only does it mark the first negative real growth since fiscal year (FY) 2006, but it also sets the stage for an almost flat line in terms of real growth across the Future Years Defense Program that goes through FY 2016. This budget request is a major step towards reforming inefficient business operations within the Department of Defense (DOD). As such reform continues, it is vital that DOD leadership considers best practices used across industry to achieve savings, and to a significant degree these include a role for new technology and general innovation. Here, I argue that a commercial cloud computing solution should be implemented Department-wide as part of the DOD reformation agenda.

Budget Pressures Lead to IT Reforms

In 10 years’ time (FY 2001-10), the DOD’s base budget grew more than 75% to $528 billion. This fact, coupled with Defense Secretary Gates’ pursuit of $178 billion in savings over the next 5 years, present a significant challenge for the DOD.

Concurrently, the Department’s ever expanding IT infrastructure has also reached a point of critical mass. Federal CIO Vivek Kundra’s December 2010 plan to reform Federal IT cited the need to consolidate nearly 2,100 federal data centers, 37% of which reside within DOD. Mr. Kundra’s Federal Cloud Strategy, released last week, targets 25% ($20 billion) of the Federal IT budget as “a potential target for migration to cloud computing solutions.” On top of this, Secretary Gates, in a January address, called out the current DOD IT infrastructure as a source of both inefficiency and cyber-vulnerabilities.

These coalescing events are placing immense pressure on DOD to identify and implement cloud computing on grounds of cost saving alone. Nevertheless, national security should be first and foremost when contemplating a DOD cloud, and cost-savings should not trump data security and the capabilities of our men and women in harm’s way. Any initiative should sustain or enhance, not degrade, our ability as a military. Fortunately, cloud solutions have continued to evolve, and federally certified commercial cloud offerings are available today.

Cloud Computing Has Defense Cost Benefits

The Federal IT reform plan includes a “cloud first” policy, citing the economic benefits of a cloud computing model. However, for any organization to understand the economic benefits of cloud, an application’s total cost of ownership (TCO) must be known. The DOD’s IT infrastructure, like many global organizations, is highly complex and lacks visibility of its complete TCO for most applications.

For example, the Air Force has numerous sub-organizations, from a headquarters level (funding enterprise-wide costs) down to individual installation civil engineering squadrons (funding power and core facility costs), who have direct impact on TCO for an application like email. A 2007 report from International Data Corporation showed computer server TCO broken into six categories: hardware, software, IT staffing, training, outsourced services, and user productivity. Using IDC’s model, an analysis of the Air Force’s email, instant messaging, and intranet services found significant cost savings if these applications were hosted in a commercial cloud environment. Even by conservative estimates, the Air Force could achieve 35% annual savings versus current operations and it is reasonable to predict similar savings DOD-wide.

Commercial cloud providers are able to offer such cost savings due to the economies of scale created by hosting data in their data centers where optimum efficiency in electricity, server utilization, and multi-tenancy are achieved.

Electricity cost is a major cost incurred by organizations who host data internally, and for DOD the savings on electricity alone would be tremendous. Military installations across the US pay for electricity based on location, and while this cost is likely near the Department of Energy’s average of $.10/kwh, overseas bases can be charged nearly three times that cost. Contributing further to the cost of electricity is the inherent inefficiency of the Department’s data centers. For various reasons, Power Usage Effectiveness (PUE), the measurement of electrical efficiency, is significantly lower in a commercial cloud-enabled facility than in a DOD data center.

In addition, the fact that cloud computing is a service greatly reduces the need for and expenses of investments in infrastructure, hardware and software for hosted applications. DOD data centers are inefficient because they are largely decentralized, in many cases serving only a few installations. Centralization of key business applications to a cloud-hosted data center would instantly enable DOD to benefit from “multi-tenancy,” the idea that the entire agency would use a single instance of an application (e.g., Microsoft Word) simultaneously. Currently, each military Service and other DOD components pay for separate application management and the associated data center infrastructure, manpower, and software to run their applications. Cloud computing would in principle enable DOD to amortize the fixed-cost of application labor over a large number of customers, driving lower cost per customer.

Moreover, “the cloud” maximizes server utilization, which would enable DOD to operate more efficiently on fewer servers. Currently, when disk storage or server capacity is needed by a Service, that Service must acquire and provision the additional assets. Similar IT acquisitions occur for short-term contingency operations that require increased content management and collaboration above and beyond current capabilities. Cloud computing provides a solution for both scenarios through maximization of server utilization (which is typically 5-10% of capacity), thus negating the need for additional server purchases.

Variability of use also increases server utilization; For instance, peak server usage for European bases occurs at the lowest utilization period for Pacific bases. Commercial cloud providers can run workloads with complementary time-of-day patterns on the same servers to minimize the number of servers required. If the DOD, or a single Service, needs to increase its usage the cloud can accommodate that intuitively and without additional expenditures.

Cloud Computing Has Defense Operational Benefits

The DOD, just like private-sector corporations, is observing an ever-increasing cost of managing their own data centers, as well as a disproportionate amount of their IT budget spent on infrastructure rather than innovation. The cost benefits described above aside, running data centers and maintaining IT infrastructure are not core competencies of the military. A strategic shift to a commercially run cloud computing infrastructure would allow DOD to reallocate thousands of IT personnel who currently maintain servers or staff help desks into operationally-focused roles; from “tail to tooth” as Secretary Gates puts it.

Today, when software patches are required, DOD IT personnel must install patches at each of the Department’s 700+ data centers, costing many hours and resulting in uneven results and leaves the network vulnerable. In a commercial cloud this work is centralized and built into the cost-per-user, instantly reducing manpower requirements and duplication of effort. Consolidation and real-time patching also increases overall security posture and reduces network vulnerabilities through rapid and consistent security patch updates.

In May 2010, the U.S. Cyber Command stood up to “direct the operations and defense of specified Department of Defense information networks and prepare to, when directed, conduct full-spectrum military cyberspace operations in order to enable actions in all domains, ensure U.S./allied freedom of action in cyberspace and deny the same to our adversaries.” Migration to a commercial cloud solution would further shift DOD Cyber Command personnel from “help desk” roles to operational roles.

The Chairman of the Joint Chiefs’ vision for the military is, “a Joint Force that provides military capability to defend our Nation and allies, and to advance broader peace, security, and prosperity.” To achieve that vision, the DOD must be postured to respond to threats as well as humanitarian crises anywhere in the world and at a moment’s notice. Seamless communication and collaboration across the Services is critical to mission success, and cloud computing, in part, can provide that capability.

Currently, military operations that last weeks or months can require the acquisition and provisioning additional servers to meet the need for increased communication and collaboration. Cloud “pay-as-you-go” models would enable nearly instant ramp-up with zero impact on DOD infrastructure. Shorter operations or exercises, including ones involving relocation of troops from their home station, may not require additional servers but necessitate instant connection to their geographically separated team, files, and operation-related messages. Today, commercial cloud solutions are capable of providing instant access to each of these functions regardless if troops are at their base, another stateside installation, or designated location abroad, only Internet access is required.

Information Security Challenges and Solutions and the Future

A move to cloud computing marks a tremendous cultural shift for the DOD, not to mention other parts of the government. Data security is top of mind for senior leadership, as it is for any company’s senior executives. Hosting DOD data outside of the agency’s own servers could, on the surface, be rather disconcerting. However, cloud computing companies capable of Federal cloud offerings operate under Federal certification and are cybersecurity experts, having successfully protected data for many millions of commercial customers. Today, government data from agencies such as the U.S. Department of Agriculture is secured in physically separate containers and in CONUS-based secure facilities. Most commercial offerings provide disaster recovery and automatic failover capabilities, a key security feature not found universally in DOD data centers.

Other options such as application consolidation under the Defense Information Systems Agency (DISA) exist, but are not ready to meet the need of the entire DOD. Efficiencies can be generated through application consolidation under DISA, but would pale in comparison to those created through a fully commercial cloud solution. For one, under the DISA model, the DOD would still have to maintain infrastructure on a scale capable of supporting the entire DOD workforce. Also, as previously stated, IT support is not a military core competency. Under a DISA model the DOD would still run its own IT infrastructure versus leveraging commercial expertise and proven practices. Any on-premise or private cloud solution would require significant up-front capital investment to build the infrastructure capable of housing such tremendous amounts of data, running counter to Secretary Gates’ call for near-term efficiencies.

Because cloud computing is having such a dramatic effect on corporate America, IT companies are focusing initial cloud offerings on improving business productivity through applications such as email or intranet hosting. Commercial cloud solutions can improve DOD business productivity today while achieving significant cost savings, but the future possibilities are even greater.

For example, as the number of Air Force intelligence, surveillance and reconnaissance sorties continues to grow, cloud computing could eventually provide a platform to securely and cost effectively house incredible amounts of data generated with technology such as Gorgon Stare. Whether operating in land, sea, air, space, or cyberspace, commercial cloud computing would provide globally deployed service members with instant access to key applications.

Economic pressures, along with a top-down call for consolidation through cloud computing, provide DOD with an unprecedented opportunity to improve and streamline its IT infrastructure and generate real cost savings. With more than two million uniformed and civilian employees, the DOD has tremendous leverage in a relationship with a commercial cloud provider. Moving to a commercial cloud solution is a move towards greater agility and flexibility for the Defense Department, today and in the future.

Capt. John R. Forbes (USAF) is currently an Education With Industry student with Microsoft Corporation. You can follow him on Twitter at @Forbes_John.

Pictures of old computers, money, Capt. Davis, and the Argonne cybersecurity team used under Creative Commons.