DISA faces bumps in road to enterprise services
DISA is leading DOD's push toward enterprise services, but one top official concedes that it faces serious challenges along the way.
The network is a powerful tool for the military, and its current incarnation is the beginning of Defense Information Systems Agency efforts to take advantage of network capabilities by linking all the Defense Department together through enterprise services, according to a top DISA official.
Enterprise IT capabilities are critical to modern military operations, and DISA is leading in the development of those capabilities, Vice Director Adm. David Simpson said Aug. 9 at the AFCEA Warfighter Support IT Day conference in Vienna, Va.
“We have to look at [capabilities like] the Global Information Grid as a part of operational forces – a combat system,” Simpson said.
The constantly changing requirements are just one situation DOD must be ready for -- and take advantage of -- as it moves toward enterprise services, he said.
But the always-moving cutting edge is far from the only challenge, he said.
Simpson acknowledged DISA’s struggles to implement its ambitious Army enterprise e-mail program, which has been had hurdles and controversy as it runs behind schedule on an operational hiatus.
A recurring problem has been the ability to scale the massive project to eventually provide for more than a million Army users, and potentially more if the rest of DOD were also to implement it. Nearly 90,000 accounts so far have been migrated to enterprise e-mail, according to Army CIO/G-6 Lt. Gen. Susan Lawrence.
Getting to a million-plus will require a shift in approach, Simpson said.
“We’re learning that 90,000 isn’t a million and a half. We’ve got to have services orientation really to scale up to that. So as DISA enters into the provisioning of enterprise services we’ve got to take on a services management framework orientation,” he said.
Beyond enterprise e-mail, the current iteration of cross-domain solutions isn’t working, Simpson said.
“Cross-domain solutions are too slow. It isn’t getting us the agility we need. It hasn’t been working for a while now in cross-domain services,” he said.
He said future solutions may require a new security framework, including security tokens used in tandem with authentication and improved attribute-based access controls that enable better collaboration and balance “need to know” with “need to share.”
Security hinges on the level of risk acceptance – an idea that tends to fluctuate between policies of locking down information and getting critical information out in the field as soon as possible, Simpson said.
“Risk acceptance is a pendulum that swings back and forth…we need a better way to balance risk across the globe and across the theaters of operation,” he said.