Cloud Computing for Spies?
US government intelligence agencies are working toward implementing a joint information technology system, a shared infrastructure that is simultaneously more secure and more open, and they’re looking to cloud computing to help point the way forward.
A Bloomberg article cites U.S. Director of National Intelligence James Clapper as saying that “cloud computing will play a major role as the nation’s spy agencies work to integrate computer and information systems to share more data securely.”
In Washington today, in front of the Center for Strategic and International Studies, Clapper discussed cloud computing’s “huge potential for achieving savings and promoting integration.”
According to the Bloomberg piece:
Intelligence agencies are trying to devise a way of tagging and labeling data to separate more sensitive information about sources and methods used to collect intelligence from the substance that operatives, analysts and officials need. The aim is to allow better information-sharing among traditionally secretive and turf-sensitive agencies without jeopardizing security.
A shared IT system such as this will need to address a unique set of security requirements. In addition to advanced tagging and labeling strategies, there need to be strict audit and accounting protocols to constantly monitor for unauthorized intrusions. Clapper sees these elements coalescing into a workable solution within the next five years.
The Obama administration supports the need for greater privacy measures for sensitive government files. In October, the President established the Insider Threat Task Force to help stop information leaks. In the Executive Order, the President calls for “structural reforms to ensure responsible sharing and safeguarding of classified information on computer networks that shall be consistent with appropriate protections for privacy and civil liberties.”
The opening statement of policy doubles as a succinct encapsulation of the challenge at hand:
Our Nation’s security requires classified information to be shared immediately with authorized users around the world but also requires sophisticated and vigilant means to ensure it is shared securely. Computer networks have individual and common vulnerabilities that require coordinated decisions on risk management.
In a somewhat controversial move, the White House has also ordered a study to assess the usefulness of commercial satellite imagery to national security.