Cloud over Pentagon plan to move all data to one network
Aug 7, 2019

Cloud over Pentagon plan to move all data to one network

The DOD has paused its search for a tech giant to take over its $10 billion cloud project.

The Department of Defense is looking for a company that can turn its patchwork quilt of cloud networks into one giant cloud. There’s a very big contract on the line — $10 billion. Amazon was the front-runner until last week, when President Donald Trump intervened and asked the DOD to investigate whether the process was unfair. 

The president has a beef with Amazon and its CEO, Jeff Bezos, but several companies have complained that the bidding process was rigged from the start in favor of Amazon. Then there are the security questions: Is one big cloud run by one big company a good idea?

Host Molly Wood spoke with Patrick Tucker, who is a technology editor at Defense One, a news site focused on national security. He said this contract is the centerpiece of the Pentagon’s efforts to modernize its infrastructure. The following is an edited transcript of their conversation.

Patrick Tucker: With the current setup, there’s a large constellation of a lot of different networks, a lot of different clouds. One result of that is that a lot of folks that are on the front lines, people that are getting into, for instance, jets to go and conduct bombing missions, they sometimes are missing the most recent and up-to-date information about what objects, what buildings, not to hit. So it’s a lot on the line, including, if you talk to folks, life and death.

Molly Wood: There is, however, always a security concern around centralization. The idea that all the eggs would be in one basket, so to speak, one cloud operated by one company. Does that introduce security vulnerabilities that weren’t there before or aren’t there now?

Tucker: It introduces a certain type of vulnerability because it does limit the Pentagon’s future in this endeavor to one company, and they’re going to continue to develop little, tiny clouds that feed off that one, but you’re locked in with a vendor. In terms of the actual cybersecurity issues, you can make a good case that having a whole bunch of little, tiny networks, computers that are sitting on desks in very far-flung bases and hilltops in Afghanistan, that that doesn’t present you with a far more secure cybersecurity solution, especially if you’re interested in knowing what’s going on with every specific computer. That’s not something that you get if you have this wide rat’s nest type of networking situation. But both cloud providers, they do have some security issues.

Amazon, for instance, was involved in the most recent Capital One hack that a lot of people are pointing out. Capital One came out very quickly to say that the problem wasn’t with Amazon’s technology. It was an insider threat incident. But Amazon has a history of not helping users to really understand how to lock down certain permissions that they perhaps give to administrators. So it’s not a technological issue with their service, but they have had problems in the past with folks that have made mistakes in terms of where to leave things on their cloud and including very important and sensitive clouds. And of course, Microsoft has long argued and battled against the perception that operating system software that it sends out is fundamentally insecure. According to Microsoft executives, the cloud is in many ways a remedy for that, because instead of having to create a patch and then distribute that patch to a whole lot of different places that administrators may not put it on for years, which is what happened with the Baltimore ransomware attack that we saw recently. A patch issued in 2017 wasn’t on computers in 2019. Instead, with a massive enterprise-level cloud, you can distribute those patches all at once.

Wood: Tell me more about this winning company, this vendor lock-in, because it does sound like the companies who are worried about Amazon getting bigger or Microsoft getting bigger, that we are talking about a real winner-take-all scenario here, right?

It’s a lot of power and influence within the DOD for whoever gets this contract.

Patrick Tucker

Tucker: Right. And the Pentagon likes to emphasize — whenever they can — that whoever gets this contract is not going to get every single cloud contract that the Pentagon produces going forward forever and ever. At the same time, whoever gets this is going to be really at the centerpiece of everything that the Pentagon does with data and cloud infrastructure going forward, and will play a huge role in the way the Pentagon creates artificial intelligence solutions, too, which is a whole other area that they’re looking to spend a lot of money on, they’re looking to develop really quickly. It’s a lot of power and influence within the DOD for whoever gets this contract. Microsoft already has a lot of contracts with the Pentagon; in fact, that history is a big part of their sales pitch. They are on the line for a whole other $8 billion cloud contract. If they win this one, it would be almost $20 billion in Pentagon cloud contracting that would go specifically to Microsoft. And Amazon has a CIA cloud contract, an NSA cloud contract. That also is a potential worry, because you’re watching a company that also has a huge consumer footprint grow into the government almost as quickly.

Wood: Why has there been so much opposition to this $10 billion cloud computing contract with the Pentagon (notwithstanding the president’s interference)?

Tucker: There are a lot of traditional contractors to the Pentagon — [information technology] players, most notably Oracle, but you also have IBM and you have a whole constellation of other ones — they’re used to selling cloud services to the Pentagon. The way this contract was structured, it basically ruled out them getting it. So almost immediately, they began to launch a lot of protests. They protested the request for information that the Pentagon put out. Oracle has issued a couple of lawsuits. There’s been a lot of interesting, especially in the realm of defense contracting, activity attempts to suggest that people that were involved in the drafting of requirements for the contract were somehow corrupt. Basically, a lot of companies were cut out of this project because of the way it was structured, and they didn’t like it.

Wood: Tell me more about the way it was structured. How were they cut out? Do you mean that the technological requirements ruled them out or something else?

Tucker: Precisely. The base technological requirements were too demanding for them to compete. You needed a massive enterprise-level cloud. It had to reach federal impact level six, which is the highest security standard for government IT that exists. And at the time that that was written, the only company that could achieve that was Amazon through its AWS service. So you needed a cloud that was the cloud that, for instance, Fortune 500 companies and big tech companies like Netflix, for instance, used to vent a lot of high-bandwidth content to their users. As it was originally written, there was only one company that could compete, which is a huge part of the protest. But since then, there are two that are in competition: Amazon and Microsoft.

Microsoft has reached federal impact level five, and they believe that they can probably get to federal impact level six by the time the contract is awarded. Everyone that I’ve talked to in the Pentagon and elsewhere says that they’re in very real competition for this, they have a much stronger, traditional connection to the Pentagon. So at this point, it’s sort of neck and neck, but that was the reason why these smaller players felt like they had been locked out. They just don’t have the actual equipment to compete.

Related links: more insight from Molly Wood

Oracle was so upset over this whole situation that its executive vice president created a little infographic called “A Conspiracy to Create a Ten Year DoD Cloud Monopoly.” It involves Amazon executives, former Defense Secretary Jim Mattis, who is on the president’s brown list, and former Obama administration people.

Anonymous insiders told the Washington Post that the president saw the infographic and it worked. In case you are wondering, no, this is not how contracts with the Department of Defense, or any branch of government, are probably supposed to go.

Tucker said the Department of Defense’s new secretary, Mark Esper, could throw out the entire bidding process and start over, either with different requirements or he could break the funding into smaller parts and distribute the cloud computing contract among multiple companies. DOD officials told Tucker that would be expensive and at the risk of making it sound like the current IT infrastructure is a terrifying and inefficient mess that’s putting people in danger every day.

The future of this podcast starts with you.

Every day, the “Marketplace Tech” team demystifies the digital economy with stories that explore more than just Big Tech. We’re committed to covering topics that matter to you and the world around us, diving deep into how technology intersects with climate change, inequity, and disinformation.

As part of a nonprofit newsroom, we’re counting on listeners like you to keep this public service paywall-free and available to all.

Support “Marketplace Tech” in any amount today and become a partner in our mission.

The team

Thanks to our sponsors