TRANSCOM Blazes Cyber Trail to Commercial Cloud
The U.S. Transportation Command was the first U.S. Defense Department organization to begin moving its cyber capabilities, along with command and control applications, to a commercial cloud environment. More than a year later, the unified command is making strides in transferring its unclassified systems and is sharing lessons learned that will make the path to cloud usage smoother for others to follow.
One of four functional combatant commands, U.S. Transportation Command (TRANSCOM) is responsible for mobilizing military forces, equipment and supplies around the world on a daily basis via trucks, trains, aircraft and ships, and it depends on reliable, timely and secure information to do so. In late 2017, the command announced it was the first to begin migrating its cyber capabilities to a commercial cloud. The effort also includes a number of command and control applications.
“We have a large portfolio of IT systems, and we’re moving the bulk of them. We’ve successfully migrated a handful of applications, but we are by no means done with that application migration. That effort continues. We are planning to have the majority of our unclassified portfolio migrated to the cloud in 2019,” says Col. Ivan Herwick, USAF, director, TRANSCOM Cloud Center of Excellence. “These are our command and control systems. These are critical IT systems for U.S. Transportation Command.”
The move will, among other capabilities, allow TRANSCOM to streamline and strengthen its security when working with industry partners while allowing them quicker access to vital transportation information. “We expect to leverage the cloud environment to increase resiliency and the speed of capability delivery and to improve the security of our enterprise while reducing the IT footprint that we have to own and operate and house on-premise,” Col. Herwick explains.
Transportation Command officials have made progress and are sharing lessons learned with others, including the office of the Defense Department’s chief information officer, the Defense Information Systems Agency and other combatant commands. They also are sharing information with the command’s service components, which include Air Mobility Command, the Army’s Military Surface Deployment and Distribution Command and the Navy’s Military Sealift Command.
“We still see ourselves as a pathfinder for the department, learning lessons that can apply to others as they go about their own migration to the cloud,” Col. Herwick says. “There are lessons learned upfront about how to develop a strategy for moving to the cloud and how to define success.”
The effort has been beneficial in other ways. “We’ve learned a number of lessons in terms of automation and our ability to use automation to speed up delivery and improve security. And we’ve learned a number of programmatic lessons that we’ve been able to share with some of our other DOD partners,” the colonel adds.
Some of the most important lessons learned, however, concern the migration of older technologies from a Defense Department-controlled environment to a commercial cloud. “A lot of the applications that we have in our enterprise today were not built with the cloud in mind originally,” he states.
“Some of these applications are fairly old. Some have roots that are decades old. Those applications grew up and evolved in an on-premises, DOD-owned data center environment,” Col. Herwick continues. “What we’ve learned is that not all of the applications are as easy to move as we thought they might be. It has taken us a while to correctly engineer the environment the way we want it.”
When the command first announced its move to the cloud, the plan was to migrate 22 applications by year’s end. The strategy included 19 systems associated with the Military Surface Deployment and Distribution Command collocated on Scott Air Force Base, Illinois, as well as some systems from Air Mobility Command and TRANSCOM itself. All other TRANSCOM programs were to migrate by July 2018. Several systems have been added since that initial announcement.
The command now is taking an application-by-application approach. “We’re not on the schedule we were [on in 2017]. Given what we’ve learned over the past year, we are applying those lessons learned to the migration of the rest of the enterprise,” Col. Herwick reports. “In some cases, that may mean an application takes a bit longer, but it’s for a better end result.”
Not all of the hindrances have been technical. “One of the biggest challenges is cultural. Moving to the cloud is not just about the technology. Moving to the cloud is about the potential to do business differently,” Col. Herwick declares. “In some cases, that is a complex transition from the organizational structure we have, the way we’ve structured contracts and the way we’ve structured ourselves to operate our current IT enterprise. We want to fundamentally change that IT enterprise.”
And the consequences are not always immediately identifiable. “With that come a number of second- and third-order consequences for the organization. That means we need to think about IT, the way we procure it, operate it. We need to think about information technology in our systems and our applications differently,” he elaborates. “It’s not just as simple as taking an application from one of our data centers and putting it in a commercial provider’s data center. This is an expansive change.”
He emphasizes that the command is working hard to accomplish the goal. “Rest assured it’s still a best effort sprint,” he says. “I’m optimistic we will see a significant portion moved in 2019.”
Transportation Command officials emphasized innovation from the beginning. To oversee the migration, they created a Cloud Computing Center of Excellence, which is a temporary assembly to oversee the migration. The center comprises about 20 people, including dedicated personnel and those who support the effort on an as-needed basis.
The command also teamed with the then-Defense Innovation Unit-Experimental (DIUx), which is no longer experimental and now known as DIU. They also teamed with REAN (pronounced rain) Cloud LLC, Reston, Virginia. On its website, the company promotes its REAN Accelerator Platform, which it says “acts as a catalyst for enterprise digital transformation initiatives reducing timelines from years down to a few months.”
Col. Herwick touts the innovation to be found in the commercial cloud market. That innovation, he indicates, includes “things that are very configuration intensive” and “the things that are very time intensive.” The cloud also “affords new ways of doing business as opposed to what we have inside a government data center,” and it offers new technologies and a “level of visibility into the environment that we can’t achieve on-premises,” he adds. “The other thing we’re using the cloud for is to set the conditions for getting after big data, machine learning, artificial intelligence and other IT initiatives.”
The colonel also reports the command already is seeing some benefits. “For those applications that we’ve moved, we’ve been able to leverage commercial cloud technology to be able to improve those applications, improve the resilience, and get more capability out of that application,” he says.
The bottom line, he stresses, is that the migration to cloud is about the added capabilities a cloud computing environment offers. “This is about command and control of a global mission. It is about understanding what is going on in that mission space, being able to affect the appropriate change at the appropriate time, providing resiliency and improving capability to support that mission space,” he says. “It is about moving ourselves onto a modern footing to be able to launch into those capabilities.”
