CIA Amazon Cloud

The CIA will soon be storing our nation's most sensitive information with a private company.

The CIA will soon be storing our nation’s most sensitive information with a private company.

Frank Konkel of Federal Computer Week reports (“Sources: Amazon and CIA ink cloud deal“):

In a move sure to send ripples through the federal IT community, FCW has learned that the CIA has agreed to a cloud computing contract with electronic commerce giant Amazon, worth up to $600 million over 10 years.

Amazon Web Services will help the intelligence agency build a private cloud infrastructure that helps the agency keep up with emerging technologies like big data in a cost-effective manner not possible under the CIA’s previous cloud efforts, sources told FCW.

[…]

In recent speaking engagements, however, CIA officials have hinted at significant upcoming changes to the way the agency procures software, how it uses big-data analytics and the ways in which it incorporates commercial-sector innovation.

Speaking to the Northern Virginia Technology Council Board of Directors on March 12, Central Intelligence Agency Chief Information Officer Jeanne Tisinger told an audience of several dozen people how the CIA is leveraging the commercial sector’s innovation cycle, looking for cost efficiencies in commodity IT, and using software-as-a-service for common solutions.

[…]

Historically, the CIA’s cloud computing strategy centered on a number of smaller, highly specific private clouds. While the full scope of its current contract with Amazon is not yet clear, it is likely this contract essentially brings a public cloud computing environment inside the secure firewalls of the intelligence community, thereby negating concerns of classified data being hosted in any public environment.

[…]

Industry experts, while stressing that they were not privy to the deal’s details, told FCW that such a move would be a “game-changer” in federal IT, and that it would show the CIA is acting intelligently with regards to emerging technologies and tightening budgets.

Business Insider‘s Julie Bort (“The CIA Is About To Sign A Game-Changing $600 Million Deal With Amazon“) adds:

AWS is the largest “public” cloud provider. In general, the term “private cloud” means using cloud computing technologies in a company’s own data center. Public clouds are in hosted facilities, where the hardware is shared with many users. Sharing the hardware saves money.

Amazon hasn’t been very interested private clouds. Years ago, it even argued against them. If companies want private clouds based on Amazon’s tech, they often go to startups like Eucalyptus Systems.

Amazon’s approach has been its “Virtual Private Cloud.” This still uses hardware hosted by Amazon, but adds extra security to make it behave more like a private datacenter.

While my initial reaction was skeptical, it makes a lot of sense to turn the technological end of the business over to Amazon rather than trying to build it in-house. Even with its substantial resources, the CIA can’t possibly match the infrastructure talent of Amazon, whose continued profitability as a cloud services provider depends on them being on the cutting edge of quality and efficiency.  And it certainly sounds as if the natural security concerns are addressed with the “private” arrangement.

via John DeRosa

FILED UNDER: Intelligence, Quick Takes, Science & Technology
James Joyner
About James Joyner
James Joyner is Professor and Department Head of Security Studies at Marine Corps University's Command and Staff College and a nonresident senior fellow at the Scowcroft Center for Strategy and Security at the Atlantic Council. He's a former Army officer and Desert Storm vet. Views expressed here are his own. Follow James on Twitter @DrJJoyner.

Comments

  1. Murray says:

    Reading the headline I went … WHAT?! Then the fact that the deal is for Amazon to help setup a service specifically for the CIA calmed me down a little.

    I do remain skeptical however. Amazon may be very profitable but they surely don’t impose on themselves the level of security the CIA will want, and the fact that the system will be hosted on Amazon hardware takes a lot out of the word “private”.

  2. HelloWorld! says:

    “While my initial reaction was skeptical, it makes a lot of sense to turn the technological end of the business over to Amazon rather than trying to build it in-house”

    Naive.

  3. Mikey says:

    I don’t see this as any different from any contractor involvement in government IT. My employer does the same thing with various agencies, including the big three-letter ones. It’s just significant because it’s Amazon rather than General Dynamics.

  4. James Joyner says:

    @Murray: I put those keywords in and intended to craft an actual headline around them but forgot to circle back. Oh, well.

  5. Jen says:

    I think it’s also highly likely that the most sensitive “stuff” won’t be housed there. With the proliferation of publicly available data, including social media content, it’s possible that this is an answer to store and process that sort of content in an inexpensive way. Makes sense to me.

  6. Brett says:

    That’s what I figure as well. They’d be crazy to store any truly sensitive stuff on anything other than a physically separated network from the broader internet.