How the DoD’s JWCC Contract Can Improve Mission-Supporting Cloud Performance and Security
The Department of Defense (DoD) is taking major steps to boost cloud performance, with the promise of a tangible, positive impact on military missions throughout the world. Specifically, the Joint Warfighter Cloud Capability (JWCC) contract is replacing the Joint Enterprise Defense Infrastructure (JEDI) initiative, which was intended to establish enterprise-class cloud capabilities for the military community. This is as a result of the DoD canceling JEDI, claiming it no longer met its needs due to "evolving requirements, increased cloud conversancy, and industry advances." JEDI also encountered significant delays after a number of bid protests from Amazon and Oracle.
JWCC will serve as a multi-vendor, multicloud, indefinite-delivery/indefinite-quantity (IDIQ) contract, pulling resources from cloud hyperscale companies. In November, the DoD announced that it issued solicitations to Amazon Web Services, Google Cloud, Microsoft, and Oracle to bid on JWCC. Selected providers will have to pass a cybersecurity test to demonstrate their controls are "a little bit over and above" what Federal Risk and Authorization Management Program (FedRAMP) authorization requires.
A more secure environment
We perceive this as a very positive development, especially from a security perspective. With its focus on a single provider, the JEDI contract would have put all the military’s “eggs in one basket.” But this, however, results in a single vendor for cyber adversaries to target, making it easier for them to launch a massive attack that could take down the DoD’s cloud environment and disrupt missions.
A multicloud environment greatly helps avoid such a foreboding scenario and, besides, this is where the DoD has been heading anyway with initiatives such as Cloud One.
We believe JWCC should continue in this direction, with the four major vendors combining for a multicloud foundation. There could even be smaller companies adding their own offerings to the mix. The diversification and distribution of resources will make it much more difficult for our enemies to compromise military operations with a single cloud strike.
Better decisions via an improved cloud
From a broader perspective, JWCC tells agencies and their stakeholders that the DoD recognizes how critical a role the cloud plays – and will continue to play – in achieving mission objectives and executing overall military strategies. Battles are now fought in cyberspace, just as they are fought on the ground, in the air, and at sea. Our intelligence and military communities depend upon cloud-enabled, real-time updates to get the right data to the right people at the right time. With this, they make better decisions in minutes, or even seconds. With anything less, teams are insufficiently armed and otherwise left potentially unprepared for battle.
Regardless of which direction JWCC takes, we’re certain the multicloud environment will be a complex one. Agencies will need to know where their workloads are running all the time, understand where and how all of the pieces are connecting, and whether they are performing as required. Teams cannot afford to “fly blind.”
Dynatrace brings optimal cloud observability
By partnering with Dynatrace teams can utilize our unique Software Intelligence Platform, delivering automatic and intelligent observability. Offering visibility across the entire environment, powered by our unique AI engine Davis, teams will never fly blind again. Instead, they establish always-on awareness and control over their multicloud environments. They continuously observe and capture all data from logs, metrics, and end-to-end transactions generated from tools supporting battlefield communications, shipboard operations, aircraft refueling, disaster response, etc. From there, software intelligence solutions create baselines to distinguish “normal” activity from that which can disrupt systems and the missions depending upon them.
As in the private sector, the U.S. government struggles to obtain this level of visibility and oversight, as less than one in ten organizations have a centralized data management system or platform.
At Dynatrace, we work closely with DoD customers to ensure their IT and security teams can see all cloud activity – everywhere – so any issue which could potentially disrupt or even shut down operations is immediately identified and resolved. If you’d like to know more about how we can help solve your cyber system’s problems through our automatic and intelligent observability and other offerings, please contact us.