A recent example of fracturing of systems into smaller components is found in a March 2011 U.S. Government Accountability Office report on the U.S. Navy’s Next Generation Enterprise Network program. To increase the number of bidders for a major system, the acquisition executives expanded it from the existing three contractual relationships to 21. Instead of the integration that is essential for cloud computing, one of the largest Defense Department projects will be headed in the opposite direction.
In fiscal year 2011, the department’s information technology had rapidly expanded to $36.3 billion, not including the costs of military and civilian personnel, which would add at least another $6 billion to the total cost of information technology ownership. The per capita cost of information technology spending now represents more than 10 percent of payroll costs. It exceeds the expenses for most fringe benefits. It offers one of the largest operating cost targets for achieving cost reductions.
The Defense Department’s information technology systems management culture now has arrived at a dead end, traveling down the wrong street. What then is the way out? What cultural changes will be necessary to speed up the adoption of cloud-based computing? What is the time urgency?
Two variables will influence decisions regarding what needs to be done. The first is the need to make vast improvements in the security of Defense Department operations to ensure survival during a concerted cyberattack. The second, and perhaps more important variable, is financial. New money is needed to pay for better security and to fund long-overdue innovations. That cannot come from larger budgets. It must be extracted from savings in current operations.
The fastest generator of Defense Department cash savings is to transfer the operation of “commodity computing” to the SaaS clouds. Commodity computing includes email, collaboration, text processing, messaging, spreadsheets and calendars. It includes voice over Internet protocol, or VoIP, as well as video over IP. Commodity computing also provides access to all forms of social computing such as YouTube, Facebook, MySpace, Twitter and blogs.
Commodity applications consume a large share of the fiscal 2011 $4 billion Defense Department network costs. Most of that is concentrated in DISA. However, it is feasible to use communication over the Internet as a secure channel instead of depending on private circuits. There is no reason why such traffic should not be routed over the Internet instead of the department that is operating dedicated links for commodity applications. Banking transactions, airline reservations and global trade all are conducted over the Internet using a variety of techniques that have been deployed to make it more secure.
The technology for placing Defense Department commodity computing and communications into a SaaS cloud is available. SaaS services or licenses are available from competitive sources at a fraction of what it costs the department now. SaaS depends on open-source applications, which further reduces license costs for proprietary software. Operating-cost reductions are potentially in the range of 60 percent to 70 percent with only minimal up-front development expense.
One of the major cyberthreats to the Defense Department is the chance that commodity microprocessors, currently manufactured in places without adequate security inspection, may be installed in department servers. Such microprocessors would come with back-door openings already implanted. This can be overcome if the Defense Department pursues a SaaS architecture. The world’s largest SaaS firm, Google, has its circuit boards custom built. The National Security Agency (NSA) has experience with oversight of microprocessor manufacturing. No reason exists to prohibit this from being doing for a Defense Department SaaS, which would be only a fraction of the size of Google.
Migration to SaaS must overcome many obstacles. For starters, the Defense Department will have to stand up an organization that will plan, manage and contract for commodity computing.
Also, Defense Department components will have to commit to a uniform approach to network access authorization by everyone. Information security will have to be implemented consistently, following standards set by NSA.
Every commodity computing service will have to be structured for interoperability across several SaaS platforms so that vendor lock-in cannot take place. SaaS services need to be delivered from redundant data centers. More than three data centers should handle every transaction for delivery of 99.9999 percent reliability.
SaaS would have to be distributed to the edge of Defense Department sites so that Google-like latency can be realized. Delivery of SaaS transactions will have to be monitored by means of automated network control centers that will conduct real-time surveillance of the status of every user device.
SaaS can operate only as a component of a hybrid cloud configuration. Legacy, IaaS and PaaS clouds must supplement Defense Department computing and telecommunication during a transition time that may be never completely finished.