Who We Are
NJVC is the engine of the secure, integrated enterprise, delivering mission-critical IT solutions for critical missions in enterprise management & monitoring, hybrid IT transformation & optimization, cloud migration and cybersecurity.
To help provide answers to these questions, the U.S. Transportation Command (USTRANSCOM) hosted the 2014 CIO Industry Partnership Forum last week at Scott Air Force Base, IL. Brig. Gen. Sarah Zabel, USTRANSCOM CIO, invited industry representatives to brief more than 100 leaders from USTRANSCOM and other various Combatant Commands and additional special guests during this full-day event focused on cloud computing considerations for the military.
NJVC was honored to be invited by Zabel to present a special session on cloud security—an increasingly focus in cyber security. Steven Thomas, NJVC director, technical operations, and chief engineer on one of the company’s programs with a large defense and intelligence customer, led the presentation, which provided knowledge and lessons learned gained from experiences overseeing the move of the customer’s mission data and applications to the cloud. NJVC directed the transition of the customer’s data center environment from a legacy stove-piped set of physical servers to a modernized cloud architecture and managed service framework. NJVC also hosted and transitioned more than 300 distinct mission systems or production entities for this customer. This important work to transition systems between data center environments gives NJVC unique, first-hand cloud migration experience in support of one of the most demanding IT environments in the world, and allowed us to establish a proven, standard, scalable process to support any system migrating between physical and cloud architectures.
Among the key takeaways from Thomas’s presentation are:
Thomas emphasized that specific to the military, cloud environments should improve overall security levels and establish an enhanced security posture. However, certain factors must be considered: detection capabilities must be cloud-specific and provide near real-time data to consumers, authentication/authorization must be robust and be integrated with Department of Defense (DoD) identity management models, security sensors need to monitor both the interior and exterior of the cloud and send alerts to both the CSP and mission system owners, and operational capabilities must be constantly maintained and allow for agile rapid deployments. All organizations operating within a cloud need to leverage DoD and FedRAMP processes and approved security authorization requirements as a baseline when initiating, reviewing, granting and revoking security authorizations for cloud services. CSPs also need to meet DoD and FedRAMP requirements for contractual provisions, along with other important considerations.
For more information, please view Thomas' presentation below or contact us.