Dive Brief:
-
The Pentagon’s inspector general says an audit of the Department of Defense revealed that a lack of a standard definition for cloud computing across DOD is weakening CIO Terry Halvorsen's effort to roll out department-wide cloud services.
-
The IG report says that savings from cloud adoption cannot be determined with the current contracting information available.
-
Halvorsen pledged to build a data-driven approach to cloud when he took over as the Pentagon's CIO in May 2014.
Dive Insight:
Halvorsen's goal for DOD was to use data to compare IT performance across the military services, and then take those numbers to industry to set clearer expectations in contracting. But the IG's audit, conducted from December 2014 to October 2015, found that the military services and the DOD CIO lacked a central hub for contract information.
"DOD cannot determine whether it achieves actual cost savings or benefits from adopting cloud-computing services," the audit report states. "In addition, without knowing what data DOD components place on the cloud, DOD may not effectively identify and monitor cloud computing security risks."
DOD officials are evaluating protocols for allowing commercial cloud providers to handle classified data.
The IG recommended Halvorsen’s office either establish a department-wide definition of cloud computing or clarify how the National Institute of Standards and Technology's definition applies to DOD cloud contracts.