The JEDI (Joint Enterprise Defense Infrastructure), is an enterprise-level, commercial Infrastructure as a Service and Platform as a Service solution to support Department of Defense (DoD), business and mission operations. The Pentagon’s JEDI Cloud will store sensitive classified information, including nuclear secrets. The JEDI Cloud foundation is a zero trust security framework.
Why do you need zero trust?
According to a Kaspersky report, data breaches are still the biggest threat to cloud security. They cost the average enterprise $1.41mn per breach. This figure rose by nearly $200,000 between 2018-2019, IT security budgets now average $18.9mn (compared with $8.9mn in the previous year), and Kaspersky predicts that global IT spend will reach $3.74trn by 2019.
Millions of people could lose their data if a company’s cloud servers were compromised. Companies can also lose billions of dollars, some of which never recover. However, data breaches at places like the Pentagon could have even more devastating consequences.
Zero trust refers the narrowing of cyber defenses from large network perimeters to small areas around individual resources or small groups. DoD assumes the cloud is hostile by moving to it.
What does JEDI Cloud entail?
JEDI, the DoD’s move to off-premises data, will see it move around 80% of its data. While the DoD claims that the $10bn figure represents only about one fifth of its cloud investment in cloud computing, critics have suggested that the DoD could be putting too much sensitive information in one cloud, creating additional security risks.
The new contract, which covers all of the Department of Defense’s IT operations, includes classified and unclassified, outlines a unified IT approach. The Defense Department’s JEDI Cloud will house the government’s most sensitive classified information, including critical nuclear weapon design information.
JEDI is a significant increase in size and scope. Defense officials describe it as a “global cloth” that is available to warfighters in virtually any environment, including F-35s and war zones. The JEDI Cloud contract represents a crucial first step towards an enterprise cloud solution that allows data-driven decision making and allows DoD full use of applications and data resources.
Security Levels and Classifications for JEDI Cloud
The DoD cloud initiative will address urgent and critical unmet warfighter needs for modern cloud infrastructure at all three levels of the tactical edge. JEDIcloud services are available at all levels, with military and defense deciding which applications and data will migrate to the cloud.
Contractors must have the ability to obtain all top-secret government security clearances, including Department of Energy Q and L clearances that are required to view restricted nuclear data.
DoD Directive 8570 certification requirements require that all active duty military personnel and defense contractors with privileged access into a DoD information systems must have an approved certification for each job classification. This directive covers digital security, but not necessarily cloud-based security.
Cloud Certifications for JEDI Cloud Work
Although there are not specific directives that require certifications to work on or with the JEDI Cloud program of the defense department, the DoD Directive 8570 certification requirements provide a good starting point.
Microsoft’s win of the JEDI Cloud contract may signal a shift towards understanding Microsoft Cloud-based security based upon job roles. Microsoft currently offers Role Based Certifications that demonstrate mastery over Microsoft cloud products like Azure, Dynamics 365 and Modern Desktop. Administrator, AI Engineers, Data Scientists, Developers, Data Engineers, Security Engineers, Solutions Architects, and DevOps Engineers are the Azure roles that come with certifications.
Anyone who plans to use the new DoD cloud will benefit from Microsoft cloud certifications. NHDoD offers Azure training, bootcamp training for individual and group certification. Subsidy is available for those who purchase training through the GSA government procurement process.