Army says data consolidation improves security and cloud migration
An ongoing Army effort to modernize AKO and other data systems is accelerating a service-wide data consolidation plan.
Army IT developers say ongoing efforts to expedite the service’s Data Center Consolidation Plan are reducing the global hardware footprint, increasing security, lowering costs and accelerating a massive migration to the cloud.
The plan seeks to reduce the number of physical global data centers while increasing secure global access to relevant information.
Moving the Army Knowledge Online (AKO) data system to the cloud is a key element of the consolidation and cloud migration efforts, service officials said.
“Army users will have access to all the Army resources they may need to get to. They can save story files on the portal and get to them from anywhere in the world,” said Sergio Alvarez, product lead for enterprise content, Program Executive Office Enterprise Information Systems.
The service’s Enterprise Content Collaboration and Messaging (EC2M) is currently in the process of giving AKO a new look and feel as well as an upgraded platform. Alvarez said the Army plans to complete a migration to AKO 2.0 by 2018.
Among other things, AKO provides pertinent training, human resources and personnel information across the service; now, a user will be able to access saved files such as a Word document or PowerPoint presentation on a central cloud server to expedite global access to mission information, regardless of physical location.
“AKO has been targeted to transition to an Army approved data center – a series of data centers within the Army that have been involved. This includes being able to move to commercial cloud providers,” Alvarez added.
The EAMS-A capability provides an Identity and Access Management (IdAM) solution for Army applications, regardless of system configuration or hosting location.
“EC2M is also replacing the AKO Single Sign-On service with Enterprise Access Management Service (EAMS-A),” Army officials with Program Executive Office Enterprise Information Services stated.
Data consolidation, Alvarez further explained, not only brings economic efficiencies but provides a substantial increase in data security.
In particular, consolidation enables more extensive use of a buffer network or intermediate access layer to a central server called Content Delivery Network service, or CDN. CDN, which operates using a cache environment, increases security by limited possibilities for access.
“If there were some kind of penetration, the level of penetration is only going to get to the CDN. Also, if someone is trying to penetrate, the system has protocols in place that will detect attacks and shut down transfer services,” Alvarez said.
CDN is configured, through IP protocol, to engineer a web-access firewall to enable secure user activity.
“If you are trying to penetrate, it has protocols in place that will detect attacks and say ‘shut this down and transfer services to a different user,’” he explained. “The attacker never gets below the CDN network.”
Alvarez said this technology can stop denial of service attacks - where an attacker tries to overwhelm and shut down a central server thousands of requests to try to knock it out.