DOD ISSUES CLOUD STRATEGY, BUT WHAT DOES THAT MEAN?

While the Department of Defense issued its new cloud strategy earlier this week it is perhaps more notable for what it doesn’t say than what it does.  On the surface, DOD is embracing different types of cloud solutions with an eye toward adopting commercial cloud platforms.  Anyone who’s spoken with DOD officials, however, knows that pitching an off the shelf cloud solution will likely not lead to much business.  Left out of the policy is the reality that many DOD and service branch leaders want cloud solutions with the highest level security protections, an expensive proposition that automatically counts out all but the largest companies.  Also missing is DOD’s preference for dealing with known, established contractors – especially when newer solutions like cloud are being acquired.  This is essentially reinforced by the cloud policy which takes a “warfighter first” approach and states that cloud solutions must be built “in a manner that never puts the warfighter at risk”.  While there may be some limited, pilot-like opportunities for innovation, the agency has already signaled that larger cloud solutions will go to either established DOD contractors that can implement cloud tools that are both offensive and defensive, or leaders in commercial cloud technology that can meet high security requirements.  Established DOD contractors offering cloud solutions should be familiar with the policy, but also understand what is missing