8 March 2018

Army Extends Secure, Secret SIPRNet to Combat Cell Phones


by Warrior Maven

The Army are working with industry to extend commercial cloud technology to mobile devices as part of a broad effort to both improve access to data and provide security for forces on the move. Army weapons and cyber engineers are leveraging commercial cloud technology to bring secure, secret connectivity to mobile devices increasingly being used by soldiers on the move in combat situations.  The idea is to help extend the military’s SIPRNet down to everyone, including dismounted units and those on the tip-of-the-spear in combat. Such technology brings the possibility of changing the paradigm regarding the transportable accessibility of classified information, according to DISA leaders, who are working with the Army on this.

Drawing upon hardened commercial cloud networking technology, soldiers, sailors or airmen using smartphones and tablets will have secure access to classified networks. By extension, a commercial cloud can enable secure networking such that smartphone applications themselves can be better protected.

As part of this broadly-scoped DOD effort, industry giants like Microsoft are working with the services to extend cloud-based security and connectivity to mobile devices.

“We can move data out to a commercial cloud and leverage that information out to the tactical edge. This enables DOD to do things with data today that they have not traditionally done,” Leigh Madden, general manager of Microsoft’s U.S. defense business, told Warrior in a previous interview.

Madden said that building upon current operational success with these kinds of initiatives, Microsoft is also working in tandem with DOD to harden connections to mobile devices.

DISA officials emphasize that mobile devices can, as part of the effort, also leverage various methods of multi-factor authentication.

The Army’s Unified Capabilities (UC) program is a key example of how this strategy can be implemented, according to developers.

The UC effort is based on an Army-AT&T collaborative effort to leverage the commercial cloud to improve networking interoperability using voice, video, screen sharing and chat functions for one million service business leaders on both classified and unclassified networks.

"Unified Capabilities is one of the first commercial cloud-based solutions that will be delivered across the Army Enterprise," Sergio Alvarez, product lead, Enterprise Content Collaboration and Messaging, told Warrior Maven in an interview last year.

By using a commercial cloud, users will be able to draw upon software to access voice services from any Army-approved end user device--desktops, laptops, tablet computers and smartphones.

Many senior DoD leaders, such as former Pentagon CIO Terry Halvorsen, have told Warrior Maven that security patches, updates and improvement are often made more quickly and efficiently by using commercial technology. Overall, DoD and the military services are moving quickly to integrate commercial tech, given the rapid pace of change and innovation.

Forward-deployed or dismounted soldiers will have an ability to connect and share combat-relevant data from farther distances, potentially beyond an otherwise limited network.

“This is a commercial off-the-shelf (COTS) effort that avoids a capital investment. There are many benefits to COTS--including saving money on initial investment, meeting IT requirements while avoiding costs, lowering maintenance investments and enabling cost-effective new upgrades,” an Army statement said.

The service will also provide video conferences and desktop sharing services, as well as multi-user chat functions.

As is the case with desktop systems, the strategy for this kind of cloud execution is often described in terms of centralized control – decentralized execution, DISA leaders explained.

Perimeter security, however, is still needed at both centralized locations and what’s called off-premises locations.

When it comes to more traditional fixed locations, increased cloud networking and security at a central server location brings the added benefit of helping implementation and security for the ongoing Joint Regional Security Stacks (JRSS) effort.

Cloud-based security initiatives, able to leverage network-wide virtualization, have an ability to more broadly protect networks – as compared to previously more stove-piped or fragmented security techniques.

No comments: