Army PEO-EIS and the elements of modernization
The office’s project director for enterprise services discusses priority projects in an age of budget constraints.
The Army’s Program Executive Office Enterprise Information Systems, which manages $3.5 billion in IT assets, is the service’s lead IT organization, and is further along in some respects than sister services. Last year, notably, it moved unclassified and classified email accounts to the DOD Enterprise Email (DEE), hosted by the Defense Information Systems Agency. Its work cuts broadly across several dozen acquisition projects, or portfolios, from information assurance elements to biometrics to military pay and benefits.
PEO-EIS’ network modernization task principally includes Unified Capabilities (UC), the switch from Army Knowledge Online to DOD Enterprise Email and cloud computing.
Jeremy Hiers is PEO-EIS’ project director for enterprise services. In a wide-ranging discussion with Defense Systems contributing writer David Walsh in March, he touched upon surviving cost-containment and related topics.
DS: How great is the press for modernization - the transition from AKO, cloud involvement, etc. – when funding remains well down and enemies abroad transform from small arms-based insurgencies to mechanized forces?
HIERS: Information technology and the network are at the heart of everything the Army does. As the Army draws down end strength, a fully modernized and secure IT infrastructure is viewed as a fundamental enabler for the continued Army success — whether it be network modernization, data center consolidation, application rationalization, and/or effectively leveraging the benefits of the cloud. In this time of rapid technology innovation and greatly constrained fiscal resources, the Army must be equipped with a modern, efficient and forward looking infrastructure.
DS: Lots of information systems — large portions of the Army's and other services' networks — are legacy. Does this complicate migrating data to the cloud vs. building all-new infrastructures?
HIERS: Yes and no. DOD is in the process of realigning, restructuring and modernizing how the department's IT networks and systems are constructed, operated and defended. The concept is the Joint Information Environment [JIE] and it improves in many ways from previous network constructs. Its foundation is an open architecture, defined standards and specifications, shared IT infrastructure, and common ways of operating and defending all DOD networks.
DS: What are other core appeals of network modernization today?
HIERS: Modernization brings us a great opportunity — whether it be legacy networks, or application migration — to take a hard look at our current assets, processes and future requirements to make sure Army is moving in the right direction with the right tools.
This mission further allows Army to standardize and streamline our way of doing business. The use of cloud is just one part of the overall infrastructure — but it offers significant advantages, such as a flexible data storage that can be tailored to meet the accessibility and security needs of the Army.
DS: With sequestration, costs of duplicating and moving vast amounts of data to the cloud seems monumental. Do any of DOD-available commercial cloud services offer redundancy, archiving or backup?
HIERS: All available services offer some form of redundancy. In some cases, there is some inherent redundancy via replication of data across a data center or availability zone, provided without additional cost. In other cases, redundancy/archive/backup can be achieved by replicating some or all of the data across data centers, with physical distance requirements being met, at some additional cost.
DS: What storage protocols can you mention?
HIERS: The DOD Approved Enterprise Facilities (DODAEF) currently provide redundancy, archiving and backup at different [security classification] levels to support systems/applications migrating to cloud environments. The ... capabilities vary by cloud service. It is critical to identify the appropriate security, IA [Information Assurance] and technical requirements to identify the optimal cloud environment for the systems/applications prior to migrating to ensure the target hosting environment can support the system or application’s redundancy requirements.
The Army Application Migration Business Office assists system and application owners in the identification of cost drivers and provides technical subject matter expertise that aids system and application owners in migration planning and requirements definition for the “To Be” hosting environment.
DS: Are Unified Capabilities, DOD Enterprise Email, strategic sourcing and cloud computing more or less of a piece?
HIERS: As the Army moves into the future, having an enterprise approach to communications and collaboration will be key. Therefore, as we look to secure a Unified Capabilities solution and a cloud computing way ahead, we must make the solutions tie together to ensure we maximize the efficiency that an enterprise approach will provide the Army.
DS: In a nutshell, what justifies Unified Capabilities’ existence?
HIERS: UC is another vital foundation for the Army’s IT future. By centralizing the enterprise-level provisioning of integrated real-time communications — voice, video and data — users will get more capability more quickly, all the way down to the tactical edge. Additionally, UC will greatly enhance [security for all communications] through full integration with DOD PKI [public-key infrastructure]. In addition to the operational efficiencies and enhanced security that UC will provide, the Army expects UC to reduce costs through leveraging its enterprise buying power and to divest expensive legacy infrastructure.
DS: The cloud is getting much attention, but it seems clear PEO-EIS’ disparate pieces intersect with DISA and other shops.
HIERS: The Army [must] reap the advantages that each brings — the efficiencies, increased security, and scalability. A common operating environment, whether distributed [cloud] data storage, UC, or application standardization, will allow the Army to move forward efficiently, and increase the availability of key information across the Enterprise.
DS: How can the cloud save DOD money and time and enable speedier deployments?
HIERS: Cloud computing enables on-demand network access to a shared pool of configurable computing resources — networks, servers, storage, applications and services. Cloud resources can rapidly be provisioned and released with minimal management effort or service provider interaction; thus providing efficiencies and cost effectiveness.
Moving to cloud-based solutions will enable the Army to better focus limited resources on meeting evolving mission needs. This will significantly boost IT operational efficiency, improve mission effectiveness and position the Army to more quickly adopt innovative and emerging capabilities.
Through cloud service providers approved by DOD and the Federal Risk and Authorization Management Program [FedRAMP], we can work with industry to improve the overall efficiency.
DS: Has PEO-EIS’ and DISA’s enterprise email-to-the-cloud initiative set a precedent, suggesting wide acceptance for other applications and programs?
HIERS: Our Department of Defense Enterprise Email has proven very successful and gives us a lot of confidence about moving more applications and data to the cloud. It centralized nearly 1.6 million Army users from approximately 40 disparate legacy email systems to a secure DISA managed email service (in 2013) designed to increase efficiency and eliminate inefficient network configuration.
DS: Cloud computing and related pieces are relatively new. What are the security/vulnerability ramifications of commercial firms and services?
HIERS: Protecting the network and information plays into every choice we make about architecture, capability and use. As such, the DOD is taking a very thorough approach to the security in the Cloud, both from a commercial vendor and a skill-set perspective. The Army is complying with all DOD, DISA, and NSA security guidelines, and applying security controls such as the Risk Management Framework and FedRAMP+.