Download presentation
Presentation is loading. Please wait.
Published byLoren Harris Modified over 8 years ago
1
1DoD Cloud Computing Read the provided excerpts from - The “25 Point Implementation Plan to Reform Federal IT” - DoD Cloud Computing Strategy - The National Institute of Standards and Technology, Special Publication 800-145 - Read the DoD Chief Information Officer’s December 2014 memo, “Updated Guidance on the Acquisition and Use of Commercial Cloud Computing Services” Review the following slidesPre-Reading/”Homework”
2
2DoD Cloud Computing 25 Point Implementation Plan to Reform Federal IT - Agencies to default to cloud ‐ based solutions that are: - secure - reliable - cost ‐ effective - Agencies must focus on consolidating existing data centers The 2012 National Defense Authorization Act mandates DoD CIO submit a plan that includes a strategy to address migration of Defense data and government- provided services from Department-owned to cloud computing services Cloud Computing Laws, Policies, Strategies and Guidance
3
3DoD Cloud Computing Federal Government Cloud Computing Strategy – “Cloud First” DoD Cloud Computing Strategy enforced an Enterprise- First cloud approach in the DoD as required in the US CIO's policy statement DoD CIO established a mandatory Enterprise IT Business Case Analysis (BCA) for cloud services - Removed DISA as the ONLY cloud service provider a Component may engage for cloud services, - Mandates DISA cloud services MUST be considered as part of the BCA Cloud Computing Laws, Policies, Strategies and Guidance
4
4DoD Cloud Computing Per DoDI 5000.02: - Program managers will acquire DoD or non-DoD provided cloud computing services when the business case analysis determines that the approach meets affordability and security requirements DoD Cloud Computing Security Requirements Guide - Helps DoD cloud customers move more rapidly and securely into the cloud Cloud Computing Laws, Policies, Strategies and Guidance
5
5DoD Cloud Computing OMB published the “Federal Cloud Computing Strategy” on February 8, 2011, that states “To harness the benefits of cloud computing, we have instituted a “Cloud First” policy. This policy is intended to accelerate the pace at which the government will realize the value of cloud computing by requiring agencies to evaluate safe, secure cloud computing options before making any new investments.“ On December 15, 2014, the DoD CIO issued a memo entitled, “Updated Guidance on the Acquisition and Use of Commercial Cloud Computing Services” to clarify DoD guidance when acquiring commercial cloud services. The DoD CIO also released a Cloud Computing Security Requirements Guide (SRG), Version 1, Release 1 on January 13, 2015 for cloud service providers to comply with when providing the DoD with cloud services. DFARS subpart 252.239-7010 Cloud Computing Services, has twelve requirements for contracts and Contracting Officers. It provides standard definitions, Cloud computing security requirements, limitations on access to, and use and disclosure of Government data and Government-related data, Cloud computing services cyber incident reporting, malicious software and seven other related provisions. ISO/IEC 27017 Information Technology: Security techniques and Code of practice for information security controls based on ISO/IEC 27002 for Cloud Services. December 15, 2014, DoD CIO Memo, “Updated Guidance on the Acquisition and Use of Commercial Cloud Computing Services,” mandates that the Enterprise IT Business Case Analysis (PS BCA) be performed on any requested purchase of cloud services and that the DISA Cloud be considered as one of the options. Rationale: Federal Cloud Computing Strategy says “Consistent with the Cloud First policy, agencies will modify their IT portfolios to fully take advantage of the benefits of cloud computing in order to maximize capacity utilization, improve IT flexibility and responsiveness, and minimize cost.”Background
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.