
Pentagon going to the cloud


RenoF250

https://www.vanityfair.com/news/2018/08/has-bezos-become-more-powerful-in-dc-than-trump

Vanity Fair?  Really?

https://www.businessinsider.com/9-rival-tech-companies-band-together-to-prevent-amazon-pentagon-win-2018-6

This seems like a bad idea.  The reason for regular companies to outsource is they do not have a bunch of secure locations with high speed internet to put their servers, the military does.  My next thought was we don't have security experts in our military IT and then realized if not we damn well better get some.  China is already moving the battlefield to the internet, we should not be sending $10B to some other company to outsource it.  Use that money to secure and train new "cyber warriors".

 


The Pentagon needs the best possible security.

The best security IT people don’t join the military, but make multiple times more money in the private sector.

Whoever is the best should get the contract, regardless of who that may be. If it must be a no-bid contract to keep another lesser company from undercutting what is needed, then so be it.

 


4 minutes ago, Dric902 said:

The Pentagon needs the best possible security.

The best security IT people don’t join the military, but make multiple times more money in the private sector.

Whoever is the best should get the contract, regardless of who that may be. If it must be a no-bid contract to keep another lesser company from undercutting what is needed, then so be it.

 


The $2B clause in the requirement does not bother me, outsourcing does.  I realize what you say is currently correct, they need to find a way to change that.  They at least need to have people good enough to be competent to watch the contractors.  I would not trust any business with that Pentagon data.


1 minute ago, RenoF250 said:

The $2B clause in the requirement does not bother me, outsourcing does.  I realize what you say is currently correct, they need to find a way to change that.  They at least need to have people good enough to be competent to watch the contractors.  I would not trust any business with that Pentagon data.

There are ways.

Backups, independent double checking, two-person control, hundreds of tracking software programs.

So the competent people (and we do have competent people, but people like Steve Jobs don’t join the Army) can keep an eye on the computer geek prodigy that we may need to protect ourselves.

 


The cloud the Pentagon is talking about going to is built for them.  There are a lot of built-in protections on both sides.  But this is not a public cloud like any other business might run.  It's a totally different species and heavily locked down with multiple layers of support.

Anyone working on this cloud is going to be checked, double checked, and will be working in the US.   Basically, contractors for the military.  You could always have a Snowden in there.  But you could have had him in the military.

It's not a normal cloud.  If you buy AWS your data could be anywhere in the world.  If you buy Azure same way.  But there are pockets of governmental cloud operations that are only based in the US.

The main issue here is not the cloud: The main issue is almost all the major networking equipment is made in China.  That...should scare you.

I suspect some things will still reside safely on in-house resources.


1 minute ago, crockett said:

The NSA has one of the most sophisticated and largest data centers in Utah to spy on its own people, and the Pentagon outsources to a cloud? That REALLY tells a story where they see the biggest threat. :puke:

https://en.wikipedia.org/wiki/Utah_Data_Center

 

 


That's because the UDC - a Socialist Organisation - loses money. The Pentagon wants a profit-making organization for peace of mind.


I've had a discussion with two IT guys in the course of the last four years.  Both of them work in the area on things that are "interesting."  Interesting enough they wouldn't tell me exactly what they did.  

One of them was using thin clients to the desktop with zero attached devices including printers.  He ran fiber to the back of these machines to storage.  That's right, fiber to the desktop.  Because you're not going to run an Office Max switch on your desk. You got a desktop with what you needed and nothing else.  If you needed the internet for something you used a different machine for that.  You had to go through security to get anything, even a photo image, on to the secure thin client virtual desktop.

If you didn't like it you could talk to the Col. down the hall. He'll write you a glowing letter and arrange for your transfer.

Another fellow ran a series of very high-end storage devices in roughly the same location.  He had similar security concerns and data was segmented in the form of logical and physical barriers with oversight by multiple levels of security permission and checks.  You got what you needed.  You need more?  Fill out this form and talk to the Col.  The Col will tell you what you want or don't.   Again, this cloud was internal, segments never left the building.  Other clouds could...but the networks never ever touched each other.

If you didn't like it you could talk to the Col. down the hall. He'll write you a glowing letter and arrange for your transfer.

Not all data is created equal.  Some data never leaves a room.  Some data you could care less for.

Again. The problem is the outsourcing of routing equipment to foreign countries.

Edited by Historian

1 hour ago, willie-pete said:

Certainly seems to have " hacker disaster " written all over it.

Yes, that is a concern.  But if you use dedicated fiber and create only one network with double secret unobotanium level encryption (I'm guessing the guys have better than 128-bit encryption) you have basically created a network that simply extends itself from Point A to Point B. Call it point-to-point virtual private networking with encryption.

Lock it down with various other points of contact such as MAC addressing and a few other techniques and apply software and hardware security and you'll know if anyone plays with it.   User control is the key. The human element.  Pretty much only .govs are going to hack fiber.  Up until about 20 years ago no one knew you could do it (outside of a few interesting places).

This is not a home network or even an office network, although, there can be some that kinda look like this.

Let me put it this way:  God only knows how many public and private networks the packets that make up this message will travel before any of you read it.   Might be 8, 12, or 20 networks involved.  Seriously.

Most secure organizations run a private internal only network, one a little looser, and one that anyone can say anything on.

There's a big difference between sharing memoirs of the bar at the lowest level, more secure middle that is just general work, and eyes on stuff that would keep you up at night.  These networks are not supposed to cross the stream (Stay Puft joke) and this is where Hillary got in big trouble.  She was crossing the streams. (make your jokes now)

In short:  You have to be on the network to hack this jewel.  You have .gov level tools to do it.  Maybe a...submarine. (cough)

I've had only one beer.  In another I become an historian. :)

Edited by Historian

Presguy

Right. Thanks for filling in the gaps in what I wrote.  Pun intended.

Things have come a long way in ten years.  

I'm not an advocate of putting everything in the cloud. It's highly situational. But at this point I think you have to look at your situation and see what works for you.

In another ten years in most cases on-premises storage and computes will be a thing of the past for the most part and it will be sold as a service as it is today. It's just going to eat the market.

Skills are going to change. Shortly.  The traditional IT shop is going to change.

It's going to be far more à la carte. Software networking and storage as a service, even your desktop at some point.

Edited by Historian