Outside the Beltway

CIA Amazon Cloud

The CIA will soon be storing our nation's most sensitive information with a private company.

James Joyner · Wednesday, March 20, 2013 · 6 comments

The CIA will soon be storing our nation’s most sensitive information with a private company.

Frank Konkel of Federal Computer Week reports (“Sources: Amazon and CIA ink cloud deal“):

In a move sure to send ripples through the federal IT community, FCW has learned that the CIA has agreed to a cloud computing contract with electronic commerce giant Amazon, worth up to $600 million over 10 years.

Amazon Web Services will help the intelligence agency build a private cloud infrastructure that helps the agency keep up with emerging technologies like big data in a cost-effective manner not possible under the CIA’s previous cloud efforts, sources told FCW.

[…]

In recent speaking engagements, however, CIA officials have hinted at significant upcoming changes to the way the agency procures software, how it uses big-data analytics and the ways in which it incorporates commercial-sector innovation.

Speaking to the Northern Virginia Technology Council Board of Directors on March 12, Central Intelligence Agency Chief Information Officer Jeanne Tisinger told an audience of several dozen people how the CIA is leveraging the commercial sector’s innovation cycle, looking for cost efficiencies in commodity IT, and using software-as-a-service for common solutions.

[…]

Historically, the CIA’s cloud computing strategy centered on a number of smaller, highly specific private clouds. While the full scope of its current contract with Amazon is not yet clear, it is likely this contract essentially brings a public cloud computing environment inside the secure firewalls of the intelligence community, thereby negating concerns of classified data being hosted in any public environment.

[…]

Industry experts, while stressing that they were not privy to the deal’s details, told FCW that such a move would be a “game-changer” in federal IT, and that it would show the CIA is acting intelligently with regards to emerging technologies and tightening budgets.

Business Insider‘s Julie Bort (“The CIA Is About To Sign A Game-Changing $600 Million Deal With Amazon“) adds:

AWS is the largest “public” cloud provider. In general, the term “private cloud” means using cloud computing technologies in a company’s own data center. Public clouds are in hosted facilities, where the hardware is shared with many users. Sharing the hardware saves money.

Amazon hasn’t been very interested private clouds. Years ago, it even argued against them. If companies want private clouds based on Amazon’s tech, they often go to startups like Eucalyptus Systems.

Amazon’s approach has been its “Virtual Private Cloud.” This still uses hardware hosted by Amazon, but adds extra security to make it behave more like a private datacenter.

While my initial reaction was skeptical, it makes a lot of sense to turn the technological end of the business over to Amazon rather than trying to build it in-house. Even with its substantial resources, the CIA can’t possibly match the infrastructure talent of Amazon, whose continued profitability as a cloud services provider depends on them being on the cutting edge of quality and efficiency.  And it certainly sounds as if the natural security concerns are addressed with the “private” arrangement.

via John DeRosa