So I submitted this at work out of frustration after I went down the rabbit hole trying to find the phone number (seriously) for the NEC to get a simple question answered about managing/changing the UI on the sharepoint (because those rights are sequestered to literally one dude who works in a basement and is currently on leave) and got lost in the just awful intranet. The Army faces some different requirements for cloud services and business enterprise software, but most of the time at work I find myself just getting lost in how people think these things work versus how they actually work.
I'll be out of the Army in 60 days, but most of what I do right now has to do with writing orders and building other data products. 9 times out of 10, the folks above me want to do things with microsoft products that they were just not built for. Powerpoint is not a place to store and analyze data, yet that's how the boss wants things. "Take this and make a powerpoint slide" is something I hear a lot. So I read this hoping to find some future hope in how things might be getting better in the future. Maybe.
Mostly, I guess I hoped to generate some discussion amongst you folks at HN that undoubtedly know more than I do about how and why products work and about what the Army and the DoD at large could do to get better because for the first time since I commissioned I have a boss that likes to listen to what me and my peers have to say.
As an aside, I also feel like Army leadership has a weird relationship with technology. Especially folks that, like me, are from a combat arms branch and are now on staff.
20 years of this and, as usual, some opaque document that mainly conveys the point that the DoD has no idea what they're getting into. My best effort was trimming a 158 page document down to 39. Only problem was people actually started reading it.
Perhaps I have a different perspective, but skimming the document I get the impression that the Army understands fairly well what they're getting into. The document is written at a high level, but seems to be written by folks who have an understanding of why they want to do it, why it's possible now and wasn't in the past, and what the problems are that they'll need to solve to get it done. It's a strategy and vision document, not an implementation plan. What gives you the other impression?
I work with a USAF organization, helping them to gain a footing in cloud computing. It's not going so well, held up in large part by the Department of Information Systems (DISA). They have a "cloud" environment that they want any DoD entity to migrate to if that entity is thinking about going to the cloud.
Amazon has authority to host Level 1 and 2 data, which is a fancy term the DoD uses for "Public, Releasable information." They have PROVISIONAL authority to host Levels 3-5 data, which refers to For Official Use Only (FOUO) data.
Amazon has spent untold amounts of money passing various DoD-level certification packages like FedRAMP which looks at everything from physical security to how they prepare their invoices. AFAIK they are the only company to do such a thing.
As of now, unless you have a waiver from a General, you can't host your DoD system on AWS. We tried to enroll in DoD's pilot program for cloud computing, but were rejected because we didn't have a Colonel backing us.
The document is unavailable from my current location, but if you're asking that question, I wonder if there's even a specification of requirements for approved providers, a certification process, an auditing process... et cetera, et cetera.
I'm assuming that by "Army-unique systems and applications" they mean "Army-unique systems and applications that we can make do without (if we have to) for 100-200 days during warfare or possibly immediately and without prior notice."
There's a mention of IC ITE in this document, which if it's the same thing as ICITE is an evolution / rebranding of the controversial DCGS-A cloud framework from several years ago. It has a few services that are meant to enable people to develop their own version of something like Heroku from an intelligence perspective, which is a weird combination of Big Data analytics based upon Hadoop with social media functions like sharing links to intelligence sources combined with all the fun DoD classification hoopla.
There's several IaaS offerings that have been developed within the usual consortium of defense contractors that are approved / blessed to host a lot of these "Army-unique" systems. Amazon has accomplished an incredible amount so far with the horrific procurement process that would drain half of the VC capital out there just to get through a year or two of the vetting process (which has surprisingly little to do with "is your system hackable?" as much as "does your system meet our idea of what is not hackable?").
DoD internally has its own set of standards that rival or even dwarf what IEEE and many other industry-standards bodies produce. For example, your documentation needs to conform to DoDAF http://en.wikipedia.org/wiki/Department_of_Defense_Architect... to be considered for a lot of contracts at the sort of capability level that AWS would count under.
What's this document fails to show to any IC (heck, government contracting in general) outsider is the incredible amount of pain and failure that's happened to be able to even reach these sets of goals for DoD whatsoever. Meanwhile, Silicon Valley companies have spent the past 10 years producing technology instead of very expensive, PoC and military leadership ego-driven consensus documents and standards (a colonel could be compared roughly to a partner at a VC firm - you likely don't have a good chance of finding funding in this system).
As anyone that's worked for long in large organizations built around reducing risk rather than innovating can observe, a large majority of the work goes around coordination of effort than performing work in itself due to the sheer amount of resources lost if failure occurs. This only becomes self-fulfilling as the overhead of management and consensus-building grows and adds to the collateral damage of failure both fiscally and politically.
This is one BIG give-away - the internet is NOT a person, that can join a fight and be withdrawn from a fight. Iaas and Paas are already in the hands of IBM, CSC and HB - So what's left .. Well its the for eyes only (NSA) type of stuff. But it can't be in the hands Pvt.G2 think (Manning,Snownden) and other do-gooders; So what to do.. Well it's ATS time with "total info awareness" deep-cover
such that only 5 people know how to access it. Off book Black-budget - That's where we come in with (single purpose HW/SW) that links to the public domain. But is self-deleting upon detection and re-installing on demand. Top dollars paid on spec. -- psalm 23
I'll be out of the Army in 60 days, but most of what I do right now has to do with writing orders and building other data products. 9 times out of 10, the folks above me want to do things with microsoft products that they were just not built for. Powerpoint is not a place to store and analyze data, yet that's how the boss wants things. "Take this and make a powerpoint slide" is something I hear a lot. So I read this hoping to find some future hope in how things might be getting better in the future. Maybe.
Mostly, I guess I hoped to generate some discussion amongst you folks at HN that undoubtedly know more than I do about how and why products work and about what the Army and the DoD at large could do to get better because for the first time since I commissioned I have a boss that likes to listen to what me and my peers have to say.
As an aside, I also feel like Army leadership has a weird relationship with technology. Especially folks that, like me, are from a combat arms branch and are now on staff.