CIA to Pay 600 Million for First Private Amazon Cloud
Amazon Web Services has inked a massive deal with the Central Intelligence Agency (CIA) to build the top spy agency a private cloud. The 10-year contract is valued at $600 million, according to a report by Federal Computer Weekly.
Citing unnamed sources, FCW revealed that the e-commerce giant will create a private cloud infrastructure for the CIA aimed at “help[ing] the agency keep up with emerging technologies like big data in a cost-effective manner not possible under the CIA’s previous cloud efforts.”
The CIA has been adopting cloud-friendly technologies for some time now as part of the federal government’s Cloud-First push, and while most government endeavors hold security as a top concern, data privacy is sacrosanct for the intel community. Locating a private cloud behind intelligence community firewalls, however, negates concerns over hosting data in a public environment.
While neither Amazon nor the CIA has confirmed these reports, the CIO’s chief technology officer Gus Hunt offered some insight. Speaking at the GigaOM Structure:Data conference, Hunt revealed that the CIA’s data strategy is to collect a lot of intel and “hang on to it forever.” And in a later interview, Hunt was quoted as saying, “the cloud will be onsite over (the classified) fence,” which is probably the closest we will get to a confirmation of the Amazon cloud deal.
Another CIA spokesperson told FCW that the agency “as a general rule…does not publicly disclose details of our contracts, the identities of our contractors, the contract values, or the scope of the work.”
Naturally! Still, there have been multiple reports, both on- and off-record noting the CIA’s interest in cloud technology, specifically for its cost-effectiveness and data-taming abilities. So far, the agency’s cloud strategy has focused on multiple, smaller task-specific private clouds. Details of this latest project are scant, but it’s reasonable to expect that the CIA with Amazon’s help will seek to duplicate the AWS infrastructure and secret sauce within their own firewalls so as to maintain tight control of classified and other sensitive data.
But one wonders why the CIA wants to go through the difficult and time-consuming task of replicating an open cloud for in-house use when there are numerous cloud-building frameworks that are much more suitable for the task at hand, for example, the AWS-compatible Eucalyptus private cloud or any of the OpenStack private cloud distros. What about Nimbula (just acquired by Oracle)? The company was founded by the team who built Amazon EC2, who then created an IaaS framework designed for “customers seeking Amazon EC2-like services behind the firewall.”
Perhaps the CIA was enamored with the fact that Amazon already has a dedicated public cloud for the government sector, the AWS GovCloud service. Or it could be that the agency appreciates the fact that some of Amazon’s top security personnel are former intelligence officials.
As El Reg points out, AWS Chief Information Security Officer (CSO) Stephen Smidt served as section chief for the FBI for 10 years, while AWS Deputy CSO Carl Moses occupied the role of FBI Assistant Section Chief for almost four years, and Andrew Doane, director of security products and services for AWS, spent six years as a technical director within “the US Intelligence Community.”
Amazon, for its part, has publicly dismissed public clouds in the past; is the company changing its tune? If Amazon is really entering the private cloud space, this will be a big upset to numerous cloud vendors – among them HP, Citrix, IBM, Cisco and Oracle and many more – who are counting on the private cloud biz as the next big revenue generator.