The Defense Department (DoD) is seeking to make history by choosing one vendor as the provider for its cloud computing network. The victor will manage DoD’s Joint Enterprise Defense Infrastructure (JEDI) cloud, winning a 10-year, $10 billion contract and one of the fiercest bidding wars for federal IT in memory.
The contest to become JEDI’s vendor, however, has had many twists and turns. The heated competition has featured some of the world’s largest technology companies. After more than a year of conflict, however, the process unexpectedly froze in August 2019.
While JEDI’s future remains increasingly unclear, we can still examine what it is and how it might impact your agency. GovLoop is here to answer all your questions about this possibly pivotal moment in government technology.
This is the second part of GovLoop’s two-part series about JEDI. The first blog covered the JEDI saga so far and is available here.
What JEDI means for cloud procurement
Arguably the biggest lesson from JEDI is that agencies must carefully consider whether they want a single or multiple cloud providers.
Agencies that select one cloud provider risk lawmakers, media organizations and private-sector companies closely scrutinizing their procurements. DoD, for example, experienced court battles, delays and negative news headlines after trying to select one vendor.
Having one provider also means agencies trust a single entity with assisting their operational and security needs. With JEDI, DoD must assume one vendor can help protect its data and manage its IT systems for the length of a contract between both parties. By trusting one partner, DoD may be placing too many of its eggs in one basket.
Selecting multiple cloud providers, however, also presents problems. For instance, vendors aren’t equal – some may have clouds that are less consistent, reliable or secure than others. The more cloud vendors agencies have means the more contract negotiations they have too. These longer procurement processes can increase costs and delay deploying the technology.
Overall, agencies need cloud vendors that can meet their specific needs. DoD’s attempt to select a single vendor suggests the agency believes it will keep JEDI running smoothly and securely.
What JEDI means for cybersecurity
JEDI could have a ripple effect on how vendors construct their clouds to meet an agency’s unique security needs.
Take DoD for example, an agency which handles huge amounts of sensitive information. If placed in the wrong hands, DoD’s military data could endanger the agency’s operations, national security and even warfighters’ lives. To mitigate this risk, DoD needed a vendor for JEDI that could satisfy its needs.
JEDI, then, implies that agencies are taking their cybersecurity more seriously. Agencies are realizing that different data requires different security measures and clouds capable of providing them.
For vendors, JEDI proposes a future centered on agencies’ individual needs. For example, DoD handles military and intelligence data that requires stronger security protections that civilian data due to its sensitivity. By satisfying DoD’s data needs, a vendor ensures that it’s ready to meet the agency’s specific security demands.
Finally, JEDI seemingly predicts that the number of vendors agencies use for their clouds will also impact their security. During the JEDI bidding process, some competitors argued that relying on one provider left DoD’s cloud exposed to unnecessary risks such as vendor lock in. Cloud vendor lock-in occurs when agencies are contractually stuck with one vendor that isn’t meeting their needs – including security. DoD’s selection process, however, hints that agencies will rely on single vendors that can prove they offer strong cybersecurity.
Despite DoD’s attempted reliance on one vendor for JEDI, it’s worth noting the agency’s 2018 cloud strategy left the door open for work with other providers. DoD’s cloud strategy describes JEDI as the agency’s “General Purpose cloud,” or the main cloud for most of its needs. The strategy also calls for “Fit for Purpose” clouds, however, which are clouds capable of “supporting mission needs” JEDI can’t. Over time, this situation could result in DoD using cloud services for multiple providers.
What JEDI means for DoD’s workforce and beyond
JEDI isn’t a perfect crystal ball, but DoD does provide a look at how agencies might use their clouds going forward.
With JEDI, DoD is apparently banking on emerging technologies to help achieve its mission in the years to come. DoD’s goals for JEDI imagine a reality where its workers use AI, data analytics and IoT daily.
DoD pictures AI, for starters, as something its personnel rely on extensively for aid with decision-making, completing calculations and automating manual processes. Particularly, DoD expects AI to enhance its warfighters’ tactical advantages on the battlefield.
Next, DoD envisions data analytics as actively assisting both its civilian and military workers. Data analytics could potentially help all DoD’s employees analyze, comprehend and act upon information more quickly.
IoT is also on DoD’s map of the future. IoT devices could give DoD employees a boost by improving their information access, processing and sharing in combat. With the edge of data networks such as DoD’s growing daily, IoT can help ensure that the department performs well at the edge of its network. DoD can use IoT devices to extend how far its network can compute, store and share data over large distances.
The common thread among these tools is the cloud. Collectively, JEDI’s flexibility, reliability and scalability are expected to provide the foundation DoD’s workers need for these and other emerging technologies.