DOD's cloud strategy puts JEDI at the top

The Defense Department's long-awaited cloud strategy document places JEDI atop the cloud hierarchy as the organization's first line of computing.

cloud migration (deepadesigns/Shutterstock.com)
 

The Joint Enterprise Defense Infrastructure cloud initiative known as JEDI appears to be the one cloud to rule them all, according to the Defense Department's newly released cloud strategy.

"DOD has never stepped back and created a holistic view of what it is we're trying to do with the cloud," DOD CIO Dana Deasy said in a statement released alongside the unclassified, 14-page report Feb. 4. "The strategy addresses what we're trying to do ... the problems we're trying to solve and the objectives [we want to meet]."

The strategy emphasizes a cloud hierarchy at DOD, with JEDI on top and MilCloud second in command, followed by multiple "fit-for-purpose" clouds.

The JEDI program, the document states, is the "foundational approach to deliver the benefits of a General Purpose enterprise cloud for DoD."

Fit-for-purpose clouds, which includes MilCloud 2.0 run by the Defense Information Services Agency (DISA) as well as software-as-a-service models like the $8 billion Defense Enterprise Office Solutions program for email and chat, will be secondary to the commercially run JEDI general-purpose cloud.

All secondary clouds would have to work with JEDI, and any new cloud environments would require expressed justification and approval.

"Only when mission needs cannot be supported by General Purpose will Fit For Purpose alternatives be explored," the document states. Additionally, mission owners would have to seek DOD CIO approval "describing the capability and why the General Purpose cloud service does not support their mission."

Deasy echoed that sentiment during testimony at a Senate Armed Services cybersecurity subcommittee hearing Jan. 29, when he said that DOD needs to stop debating over mission-specific tools and focus entirely on implementation.

"There's no reason we need different tools to solve for many of these problems," he told lawmakers. "We need to standardize more, we need to stop rolling individual solutions, we need to move beyond the debates of what are the right product sets, and we need to spend all of our time talking about how to get the work done."

The strategy also touches on workforce issues, namely a lack of technical talent, but it does not chart a clear path to mitigate them.

"DOD's workforce must obtain a basic level of cloud proficiency in order to most effectively exploit the benefits of cloud," acting Defense Secretary Patrick Shanahan wrote in the strategy. "Just as every Marine is a rifleman, every DoD employee must have basic cloud awareness to effectively operate on the 21st century battlefield."

Additionally, the strategy indicates that the Defense Department's cloud matters won't always belong to the CIO.

DOD CIO will transfer cloud oversight to a named "enterprise cloud organization with appropriate leadership" after JEDI is fully implemented and the smaller, tailored clouds are matured. It is not clear whether DISA would be that entity or if another unit would be stood up.