What Do US Intelligence Agencies and Netflix Have in Common? Both are Amazon Cloud Customers
It’s been almost a year since Amazon Web Services stood up a cloud computing infrastructure for the 17 agencies within the intelligence community.
It’s been almost a year since Amazon Web Services stood up a cloud computing infrastructure for the 17 agencies within the intelligence community.
The C2S cloud, part of a daring deal led by the Central Intelligence Agency, has already shaken up the status quo of “heritage systems” that until now have served as the national security agencies’ technological backbones.
The AWS-built cloud is still quite new, but already it’s made believers out of several top officials within the IC, three of whom who spoke Friday at the AWS Government, Education and Nonprofits Symposium in Washington, D.C.
“This is an opportunity to refactor, reform and revitalize whatever you were doing in the past,” said Alex Voultepsis, chief of the National Security Agency’s Engineering and Planning Office for the IC Special Operations Group.
During a panel conversation, Voultepsis said the advent of the C2S cloud has helped many agencies “stuck in heritage systems” begin to phase those systems out in favor of using the C2S cloud.
Portions of NSA, he said, will be able to sunset – or close down – legacy data centers, which will save the agency lots of money in space, power and cooling. Moreover, there are additional cost-avoidance savings that come with full adoption of cloud computing NSA expects to recover. Those come in purchasing hardware itself, acquisition costs and maintaining and refreshing it over the years. In an “apples to almost-apples” comparison, Voultepsis said moving workloads to the cloud “showed a significant cost savings.”
Still, moving to the cloud takes commitment, Voultepsis said.
“We’re investing less in commodity and more in prosecuting the business of intelligence,” he added. “We’re able to focus on the meat and potatoes of intelligence and not spinning disks.”
Jason Hess, cloud security manager for the National Geospatial-Intelligence Agency’s Office of the Chief Information Officer, said the incorporation of C2S has led to more “consistent security across the board.”
Rather than a collection of various systems and clouds, C2S gives the IC a single system, and the reduction in complexity provides a better security posture. NGA was the first intelligence agency to host an application in the C2S cloud.
Hess credited senior-level engagement as the primary reason the agency is beginning to move to the cloud.
“With 20 years of government experience, we rarely see emerging technologies,” Hess said. “Usually, we’re two operating systems behind what is current, so it’s very refreshing to play with new technologies and be a pathfinder in the industry space.”
Cloud operations, he said, are “completely different” than managing traditional data centers, like the one NGA built three years ago. He compared it to playing basketball in the second half of a game after spending the first half playing football.
In addition, the inception of C2S may make the IC a more attractive place for talented developers, said Kristine Guisewite, information system security engineer at Raytheon. Guisewite’s primary work has been almost entirely cloud-based within the National Reconnaissance Office.
She said AWS’ environment is much more familiar to developers than the “closed world” of classified systems, and the use of a common environment means problem-solving is easier. New developers prefer the C2S environment because it’s familiar, and older veteran developers enjoy the ease with which they can research problems other AWS customers “on the outside” – there are many, like Netflix – have run into before.
Yet, transitions rarely happen without a few speed bumps.
Guisewite said the biggest challenges from NRO’s perspective is simply bringing services used in the outside world “into our classified environment” while ensuring security concerns are met.
Challenges have arisen in the auto-scaling feature – where machines scale up or down dependent on need – because there was no way to track which machines were coming up and down, Guisewite said. There are other similar challenges ongoing, but she said she expected solutions within the next six months. Fortunately, she said, those kinds of solutions are likely to apply across the IC.
Another issue Hess noted has been cost. Some agencies have opted to withhold new development spending for up to six months, Hess said, to help pay for the transition. Yet, he said, there isn’t a simple silver bullet answer to that question.
“Currently, cloud adoption is a coalition of the willing,” Hess said.
(Image via Twin Design/ Shutterstock.com)