The Department of Defense is following the Federal push to move toward an enterprise structure by using Defense Enterprise Office Solution (DEOS), an effort by the Defense Information Systems Agency to acquire Software-as-a-Service at a DoD enterprise scale.
DoD plans to move 4.5 million users to the cloud, using this approach. DEOS will replace the Defense Enterprise Email system, the Defense Enterprise Postal Service, and the Defense Collaboration Services. By the end of 2017 and into early 2018, DoD plans to complete a business case analysis, a requirements document, an acquisition strategy and a request for proposal.
DoD Acting CIO John Zangardi announced in May that his team has been working on a pilot for the Defense Travel System in order to modernize and make it more user-centric to serve DoD civilians and the armed forces.
“We need to give the experience that our employees have–we have to make it better,” Zangardi said.
The Defense Travel System, which accommodates about 3.5 million DoD travelers, was created in the 1990s. Once the DoD bought the source code from the company that built it, the IT officials began developing over the original source code to customize the system. This led to a system that isn’t user-centric, according to Syed Azeem, former IT Project Manager for Defense Travel System Modernization at DoD.
“If the underlying process is so complex then the commercial products will have a hard time meeting those requirements,” Azeem said.
DoD is modernizing its travel system by reducing the policy guidance from more than 240 pages of regulations to fewer than eight pages. DoD is addressing potential cybersecurity risks by partnering with a vendor that will run security audits, and allowing the vendor to make changes in order to increase the cybersecurity of the system.
Essye Miller, deputy CIO for DoD, said that she’s been talking with industry about how the agency can use new technologies to accomplish its goals, especially when it comes to DoD’s Cloud Access Points, which protect DoD data from the rest of the commercial cloud.
“The [Cloud Access Point] has been seen as an obstacle for quick cloud adoption,” Miller said. “We’re making our requirements known and allowing industry to come back to us with potential innovations.”
DoD is using its own Cybersecurity Scorecard to collect monthly data on 11 cybersecurity basics to raise “cost and complexity to the adversary.” The metrics that DoD collects relate to high-priority items in the Cybersecurity Discipline Implementation Plan. DoD plans to shift from the Federal Information Security Management Act reporting mechanisms to its own scorecard metrics.
DOD is also working on replacing Combined Enterprise Regional Information Exchange System (CENTRIXS), its collection of classified coalition networks, with the Mission Partner Environment–Information System (MPE-IS). The new system will simplify and standardize information sharing through virtualization technologies. The new system also increases cybersecurity by reducing the number of access points, and provides a standardized suite of cybersecurity capabilities. The system aligns with NATO capabilities and uses all commercial products to increase information sharing.
MPE-IS is projected to be less expensive than the old system, according to Lt. Col. Jamie Davis, press officer at DoD. DoD plans to look at how to roll out the new system and quickly replace CENTRIXS in the fall.