Air Force General Counsel Blog The chief legal officer and chief ethics official of the Department of the Air Force


“milCloud” – Competing against the Private Sector?

On March 18, the Defense Information Systems Agency (“DISA”) announced the milCloud service, a government-operated cloud tailored to DoD needs. Two computing centers have implemented milCloud for DoD’s unclassified network (NIPRnet), with a version of milCloud for the classified network (SIPRnet) expected this spring.

While cloud service providers must comply with hundreds of technical standards under the Federal Risk and Authorization Management Program (“FedRAMP”) and National Institute of Standards and Technology Special Publication 800-53 (“NIST SP 800-53”), milCloud was not evaluated against those controls, leading industry to voice concern that there may not be a level playing field:

"Why doesn't DISA just leverage what industry already has?" the executive said. "If you're building all these impact levels and you expect more than one provider to get to Level 5, why do you need to build your own?"

DISA has indicated that DoD is planning to assess milCloud using FedRAMP controls in the future.

The CIA, on the other hand, awarded a $600 million contract to Amazon Web Services in 2013 so the agency could avoid the cost pitfalls and challenges of doing the work itself. DISA has not released milCloud’s price points, and FCW cites a brief it obtained to suggest milCloud has myriad technical issues including multihour downtimes, slow transfer rates and user disconnections.

Whether milCloud will be a viable “competitor” or alternative to private cloud service providers remains to be seen.

Derek Santos
Associate General Counsel