How Secure is the DoD JEDI Cloud?

The JEDI (Joint Enterprise Defense Infrastructure) is an enterprise level, commercial Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) solution to support Department of Defense (DoD) business and mission operations. The Pentagon’s JEDI cloud will be designed to store the government’s most sensitive classified information, including nuclear secrets. The JEDI Cloud groundwork is a zero trust security framework, and with good reason.

Why Zero Trust?
Data breaches still remain the greatest threat to cloud security, costing the average enterprise $1.41mn per breach, a recent report by cybersecurity firm Kaspersky found. That figure rose by almost $200,000 between 2018 and 2019, IT security budgets now average $18.9mn (compared to $8.9mn the previous year) and Kaspersky predicts that global IT spending in 2019 will reach $3.74trn by the end of the year.
When a company’s cloud servers are breached, millions of people can lose their data, companies can lose billions of dollars – some never recover. The consequences of a data breach somewhere like the Pentagon, however, could be even more devastating.
Zero trust refers to the narrowing of cyber-defensesfrom wide network perimeters to micro-perimeters around individual or small groups of resources. In moving to the cloud, DoD is assuming it’s a hostile environment.
What does JEDI Cloud Entail?
As a result, JEDI is a project that will see the DoD move around 80% of its data off-premises and, while it claims that the $10bn figure only represents about one fifth of its cloud investment, critics of the contract have written that keeping so much sensitive government information in a single cloud could create further security risks.
Although separate branches of the military and intelligence communities had beencutting their own cloud deals for years, the new contract outlines a unified IT approach for the entire Department of Defense, including classified and unclassified operations. The Defense Department’s JEDI cloud will be designed to host the government’s most sensitive classified data, including critical nuclear weapon design information and other nuclear secrets.
JEDI represents a massive jump in size and scale with Defense officials describing it as a “global fabric” available to warfighters in almost any environment, from F-35s to war zones. The JEDI Cloud contract is a critical first step toward an enterprise cloud solution that enables data-driven decision making and allows DoD to take full advantage of applications and data resources.
JEDI Cloud Classification and Security Levels
The DoD cloud initiativewill address critical and urgent unmet war-fighter requirements for modern cloud infrastructure at all three classification levels delivered out to the tactical edge. JEDIcloud services will be offered at all classification levels with military and defense determining which applications and data will be migrated to the cloud.
Contractors must be able to obtain the full range of top secret government security clearances, including Department of Energy “Q” and “L” clearances necessary to view restricted nuclear data.
Both full-time and part-time active duty military members and defense contractors with privileged access to a DoD information system are required by DoD Directive 8570 certification requirements to carry an approved certification for their particular job classification. The certifications involved in this directive focus on digital security, but no necessarily cloud-based security.
Cloud Certifications for Working on JEDI Cloud
While there are no specific directives indicating required certifications for working on or with the defense department’s JEDI Cloud program, the DoD Directive 8570 certification requirements are a good baseline to start.
With Microsoft winning the JEDI Cloud contract, the future may hold a move towards understanding Microsoft Cloud based security based on job roles. Microsoft currently has Role Based Certifications that show mastery of Microsoft cloud products such as Azure, Dynamics 365, Modern Desktop, and Microsoft 365. The Azure roles with certifications are Administrator, AI Engineer, Data Scientist, Developer, Data Engineer, Security Engineer, Solutions Architect, and DevOps Engineer.
It is safe to say that Microsoft cloud certifications will be a smart move for anyone planning to engage with the new DoD cloud. NHDoD offers Azure training and bootcamp trainingfor individual or group certification. If acquiring training using the GSA government procurement process, subsidy is available.

Related Posts

Palo Alto Networks Certified Network Security Agent (PCNSA) – This 97-video training by SPOTO trainer Keith Barker teaches security professionals the knowledge they need to create next generation security platforms and architectures, security policies, filtering, network monitoring, and security policies. The Palo Alto Networks Certified Network Security Administrator certification was created for security professionals as well as customers, value-added resellers, system engineers, system integrators, and system administrators. Our PCNSA training will give you the latest tools to protect networks against emerging cyber threats. It also explains in detail the core features and functions Palo Alto Networks next generation firewalls. This 15-part series covers topics like next-generation Security Platform and Architecture and firewall Configuration. Security and NAT Policies are also covered. You can watch a video of the series. The skills include: Palo Alto Firewall Lab, EVE-NG Palo Alto Security Policy Fundamentals Palo Alto Source NAT & DHCP Palo Alto Security policy Fundamentals Palo Alto Virtual Wire Interfaces Palo Alto App ID Palo Alto SSL/TLS Encryption Palo Alto Site to Site VPNs Palo Alto User -ID Training includes: 12 hours of training and 97 videos. Get started learning Palo Alto Alto Alto Alto Alto Alto Alto Alto Alto Alto Alto Alto Alto Alto Alto-to-to-to-to-to-to-to-ID Intro Alto Alto Alto Alto Alto Alto Alto Alto Alto Alto Alto Alto Alto Alto Alo Alto Alto Alto Alto Alto Alto Alto Alto Alto Alto Alto Alto Alto Alto 97 videos Download

New Course: Palo Alto Networks Certified Security Entry-level Technician (PCCET). In this 36-video training, SPOTO trainer Keith Barker teaches security technicians the fundamental cybersecurity concepts, network security, cloud security concepts, as well as how to apply those concepts in a security technician role. This Palo Alto training is now available. It takes so much technical knowledge to keep devices and networks secure and safe that it can take a lifetime to master. But you must start somewhere. Palo Alto’s Certified Cybersecurity Entry-level Techniec certification was created with this in mind. Although the PCCET is thorough and comprehensive, it’s also designed for those who are just starting to study cybersecurity. The PCCET preparation is a great way to start learning about how devices, networks and clouds are kept secure digitally. You’ll also receive a certification from Palo alto, which can be a great career move. This 10-part series covers topics like cybersecurity basics, understanding interconnected networks, protocols, hubs and switches, and how to navigate various cloud technologies and their implementations. Watch a video of the series: This series includes: Network Security Fundamentals IP addressing Network Model Palo Alto Next gen Firewall Features Cyberattack Lifecycle Vulnerabilities Exploits and Risk Cloud Computing Security Strategies for Securing Networks Palo Alto SecOps SecOps The training includes: 3 hours of training 36 videos. Learn Palo Alto today Download