The Pentagon’s enterprise network agency is working to expand both its cloud service offerings and endpoint security to continue supporting mass telework, officials said Tuesday.
The Defense Information Systems Agency wants to expand the tools and services in its cloud service, milDrive, to make it a “one-stop-shop” for any storage needs, Carissa Landymore, cloud storage chief at DISA, said in a Tuesday AFCEA webinar.
The new focus is on the network’s edge — specifically, getting services, tools and other cloud-based products to users so they can continue to work virtually as the DOD looks to replace its virtual environment in the coming months with “enduring” Office 365. For DISA and its milDrive team, the new normal brought by extended telework is shifting how they do business to “integrate” with more cloud services and support virtual work.
“We need to expand our portfolio to make sure we can cover all storage requirements,” Landymore said.
To meet the initial needs of teleworking during the coronavirus pandemic, a DOD teleworking task force was convened to launch Commercial Virtual Remove (CVR), an environment that provides Microsoft Teams and collaboration services across the department. CVR will be replaced Dec. 15 with a long-term version, Brian Hermann, DISA’s services development executive said during the webinar.
Some of the new services milDrive will offer include getting cloud services to edge devices by offering more “gateway services.” Among the areas of concentration are improving access for agencies still operating on legacy systems, Landymore said. The project is also working more with users and agencies to better design services, find ways to link into other DOD clouds and make mobile device access more secure.
“Six months ago, that is something we never would have thought about,” Landymore said of the expanded services and secure mobile work she is doing.
Security for the endpoint
With more mobile users on their own devices and working in less-secure environments, DISA is also working to improve endpoint security. It has expanded use of its continuous multi-factor authentication pilots and has been working on ways to deliver sensitive data to user’s personal devices so that it doesn’t leave a trace, officials said.
“It’s not COVID driving the endpoint [security], it’s the future,” said Lt. Col. Nikolaus Ziegler, senior innovations officer at DISA.
Many of the personal devices that DOD workers use have inherent security flaws. To get around that, Ziegler and his colleagues have been working to build layers of VPNs that create a way for data to be seen on a unsecure device but not stored or accessible once the client connection is broken. This makes the endpoint device “just a pass-through.”