Saturday, November 6, 2010

Is Army’s Cloud Services RFQ Fit for Cyber Operations? *

Contractors will own and operate all facilities, including all hardware and software provisioning. Their responsibilities include assurance of network connectivity; application migration; security assurance; provision of virtual operating environments; capacity planning and forecasting/trending for growth; and configuration and management of customized servers, storage, security and networking devices. Contractors also hold responsibility for disaster recovery and business continuity planning and execution of services; migration planning, scheduling, coordination and implementation; support for continuity of operations; system administration and monitoring services; network uptime and network availability guarantee; vulnerability and incident management; and access identification and authentication. They also must oversee the following areas: service desk and service request management; incident management; problem management; change management; release management and configuration management.
  
Summary
  
The role of the contractor to provide the Army with mostly reports and status checklists, without direct operational oversight, is inconsistent with the goal of making cyber operations an integral part of information warfare—which is to make it organic to Defense Department components. The way in which the request for proposals is written assumes that cloud computing can be handled as a back-office acquisition that can be outsourced. That may not be the way in which the Defense Department can proceed.
  
* See article in November 2010 AFCEA Signal magazine
http://www.afcea.org/signal/articles/templates/Signal_Article_Template.asp?articleid=2443&zoneid=303

No comments:

Post a Comment

For comments please e-mail paul@strassmann.com