Good afternoon, everyone.
I'm Jason Martin.
I'm the services executive here at DISA.
Been here almost 18 years
and I've been working in the
same space for almost 18 years.
So I feel like I know this pretty well.
But what I'm going to talk to you today
is about the change in evolution that
we're starting to go through
or that started to go through
a couple of years ago
that we’re really now starting to realize
and what we've been able
to do and where we're going.
All right. This is my domain with
the support of Mr. Osborn,
Mr. ,
Mr. Rodakowski, Mr. Bennett.
This is really what we've built
inside of operations to run
the DISA data centers
and the DISA enterprise services.
So everything you see
on the screen today is really
how we're operating at truly
the enterprise level.
So there was a question.
We just left the media roundtable
a couple of minutes ago
and there was a question
from someone in the media that said,
how is DISA adapting to
supporting the enterprise again
after years of doing point solutions?
What you can see is what
I'm doing with support
of the operations folks
to provide those capabilities.
So you've seen us grow
in a number of areas.
I'm sure you've seen some version
of this chart before.
But about a year ago, we had a couple
thousand users on the voice capabilities.
Well, now, we've got 85,000.
We've also got a global footprint
that you see there in the yellow circles.
At the same time, we've also
downsized the data centers.
We've gone from, gosh, in the past
10 years, we've reduced 10 data centers
and eliminated over a half a million
square feet of raised floor space.
So we're able to continue to do all this
to investing in these new capabilities
by truly bringing
enterprise solutions
and really working across the enterprise
to change the way
we're doing business
and to change the way that we
as a department are doing business.
I was out at AFRICOM last week
doing a symposium on enterprise services
and computing at the tactical edge.
Based on what we've done
in the past couple of years,
we truly can now do things
at the tactical edge.
We've got big supporters in AFRICOM.
We've done significant work over
the past year with the Army
to bring new solutions
to the tactical edge
which the enterprise
has really talked about for years
and we've been doing
with things like DEE and DEPS
but now, we're trying to do it
with voice, UC, et cetera.
So what we've really talked about
on the services side of the house
is how do we
continue to do that.
The next evolution that we're
going to talk about today
and that you see in the press and
it's pretty much everywhere is Cloud.
How are we doing Cloud?
What the agency has done
with support from DoD CIO
is we went off
and awarded the 2. 0 contract.
I was involved in the 1. 0 initial build.
We've taken that, evolved it into 2.0
and now, we ourselves have
put over 30 applications
on the capability itself to date.
So now, what we've done
is prep the environment.
We've really brought up a capability
now that people can use,
leverage and we're starting to run with
that across the fourth estate and the DoD.
And then finally, I'll get into
a little more detail also
but what we're doing now and placing
heavy emphasis on is really integrating
us with the commercial vendors’
off-premise solutions for Cloud
with the secure Cloud computing
environment that we've built out
also known as
the Cloud access points
or capabilities within
the CAPS, we call them.
So that's really where we’ve placed a lot
of emphasis, time and effort over the
past six months and I'm going to say, we
will continue to over the next year or two
as we continue to move
people onto the CAPS
and the NIPR side and
as we build up the SIPRCAPS.
All right.
This is really the foundation
for what we've been
able to do on the services
side of the house.
And I'm really just going to walk you
through what it is that we've built
and help you explain how
we're now offering that
to both the enterprise
and the tactical level.
You see at the bottom,
the IDAM capabilities.
Lisa talked a little bit earlier
about ICAM and IDAM and what
they're doing from mobility perspective
and then to further evolve PKI.
We've leveraged PKI.
We've also worked with DMDC
over the past five or so years
to roll out enterprise services.
Those enterprise services for identity
management have been critical
to not only building
our enterprise applications
but now offering
that service across the DoD.
So we have a single authoritative source
of identity data to ensure
that we have secure access
to both applications
and point devices, et cetera.
That is truly the underpinning
and the foundation
for what we're doing
across the Department.
I've got two other
services as part of that,
which are push-pull
services for identity.
I actually worked an issue
this morning with the Navy
who needed the data sooner
than what we were able to do it.
So we pushed a few buttons
and been able to move that
a little quicker just
to give the Navy, again,
enterprise data so they can make
enterprise authoritative decisions.
Something we couldn't do
a couple years ago.
Finally, to secure all
that, big buzzword also,
I heard someone say buzzword
earlier today, VDI.
VDI, we did roll out.
We did roll it out though.
Not for the enterprise
at large but only for the folks
that really have access
to privileged information.
So our entire privileged
user base is now
using a scaled-down version
of an enterprise VDI.
Very, very excited about that capability.
Without giving you
the real numbers, I'll give you close to.
We've been able to eliminate
over 200,000 user accounts
simply by developing a single
authentication solution
and a single entry into that solution.
So from a security
threat perspective,
threat vector perspective,
that's pretty good.
I mean, we dramatically reduced
the threat vector simply by instituting
two solutions that we worked with industry
to build over the past couple of years.
They are FOC and so we are really
excited about how that's rolling out.
And then we're just continuing
to onboard more and more folks
that manage applications
inside of our data centers.
Then we're in the process also,
I don't know if they've talked about it
on the innovation side
of things yet or not
but we're also trying
to offer that outwardly
across the Department
so we can provide
those same methods, TTPs,
procedures and toolsets
to be able to provide that same
capability to ensure that others
can leverage those
privileged user capabilities
in their environments as well.
I talked about milCloud 2.0.
Again, what we've built inside the data
centers, the ecosystem data centers
is the authentication and identity
mechanism for milCloud 2.0
also for the DISAdata centers.
As you likely know,
the DISA data centers
have changed dramatically
over the past couple years.
I mentioned downsizing but I've also,
in terms of floor space and sites
but we have also dramatically reduced and
changed how we run the ecosystem today.
Don't come to me and say, DECCs,
those aren't a thing anymore, right?
It's the ecosystem data centers.
But it truly is managing
things differently.
We have nine different lines
of business out that are accountable to
one person in Oklahoma City
where the ecosystem is headquartered.
They run all business operations
in and out through Oklahoma City
as a single entity
and then obviously,
we work with the Cyber Operations
Directorate to ensure that
we report out, monitor and manage
the data centers accordingly.
But that's also, again, out
of that single foundational data point
that we've run on the data
services side of the house.
Cybersecurity, I talked about.
This is now the gateway for us
for the foundation to bring in
off-premise solutions to communicate
with off-premise solutions.
Be it service providers, customers,
data managers, data providers, et cetera.
We've built all that out
using commercial industry
multiple locations across the country
in ways of meet me points
and various toolsets
to provide those
communication capabilities.
We've done all that in conjunction
with the data centers.
And now, those two groups
work hand-in-hand to operate
out of the data centers those
commercial access points.
So in the end, again, really,
what you thought you knew about
DISA operations, DISA data centers,
DISA enterprise services
is dramatically different.
We truly are a partner
with not only industry.
We truly are partners
with our mission partners
and we truly are partners across
the Department and federal
government to ensure all
this stuff works seamlessly
and it's just simply
by changing a few basic
fundamental and foundational
capabilities to do that.
So where I'm going, I mentioned
all these things but
just briefly, data centers,
we continue to restructure.
We’ll be done by 2020.
So you will see a full-blown ecosystem
managed via lines of business
at that point in time.
milCloud 2.0,
we continue to onboard folks.
We do a significant amount
of speaking engagements and daily,
when I say daily, truly daily, multiple
times a day, meetings with customers
to ensure that they understand
what they're coming into,
how they're going to consume our services,
what they need to consume them
and who they need
to work with to do that.
So I see that ongoing
for the foreseeable future.
Secure cloud computing architecture,
I talked about as well.
We continue to evolve.
We’re adding bandwidth capabilities.
We’re adding monitoring
capabilities, toolsets,
onboarding processes, procedures, etc.
to ensure we can bring on who we need to,
when we need to at the speed
they need to be brought on.
Virtual desktop, I talked plenty about.
Capacity services, I'm sure
you guys are familiar with those.
Those really and I'm going
to say revolutionized but about,
I think it's been 11 years ago,
we awarded our first contract.
They've been nothing but successful.
We've continued to see prices
go down year after year.
We've continued to see
partnerships amongst industry,
amongst the various OEMs on both
the hardware, software side.
So I think that's been a great success
and it was interesting and I heard
at the AFRICOM symposium last week,
I heard one of our former mission
partners who's now a vendor say,
“DISA has this really great capability.
Here's how it works.”
And I thought, “That's not what
you said to me a year ago."
But it's great that
they start to see that now.
Maybe there's an agenda
behind that but I don't know.
But truly, we have seen a lot of economies
of scale and a lot of really big
cost reductions across the Department
by implementing this capability.
2.0 Level 6, SIPR side of the house,
we're working on that right now
with our vendor to bring that up which
should be done the first part of next year.
Tactical voice services,
I touched on this briefly.
We have--
We brought this to the Army.
The Army as you may know has,
well, the Army has a lot of solutions.
I'll leave it at that.
What we've really tried
to get to the Army to do
is to be able to have them
integrate into the enterprise.
In turn, saving all of us money.
So I think we finally got traction.
We've got some really
good pilots going
with true tactical
battalions and a brigade.
Something that we've never done before.
We're able now to communicate through snap
and gate terminals with UC capability.
Something that the Army's
not been able to do.
So we are very excited about that
and I continue, I've got
four pilots right now.
I continue to do more.
I'm also working with some other parts
of the Department to do that as well.
So exciting times for us in that area.
milCloud 1.0,
even though it was one of our
forerunner in Cloud, it's been good.
We've taken the lessons learned
and roll that into 2.2 or in 2.0.
So I think about this time next year,
I would expect to see 1.0
be completely decommissioned
and all the capabilities onto 2.0.
The CAP I talked about and then
active directory federation services,
I also spoke about and how
we're trying to push that out
to support mobility initiatives,
Cloud capabilities, et cetera.
This is something that's
incredibly important, again,
for identity credentialing
management.
Something that the Department
really needs
and something that we've
started to develop
a little bit more
and really push that out.
So with that said, I have
30 contracts right now
totaling multiple billions
of dollars that I can't talk about
because they're in source selection.
So with that said,
I'm going to talk about these two.
I have two maintenance contracts.
One is the CA Software
contract maintenance renewal
and then the SKIWeb
and enterprise messaging integration,
sustainment integration
which is a capability we've had
for about 12 years now, I think.
So I covered a lot of stuff
really quickly but that's it.
What questions do you have?
JIM: What are your plans
for voice cyber security?
Especially where your networks
intersect with commercial voice?
So great question.
We spend a lot of time with Mr. Greenwell
and the various parts of the Department
that do provide their own voice services.
So what we've done in conjunction
with our friends out at
the Defense Global Operations
Center at Scott Air Force Base,
our AO and then our vendors,
what we've done is we've gone through
and built packages and built
network architectures
to ensure that we are compliant
with the necessary 
and monitoring capabilities.
So we've done that hand-in-hand, I would
say with industry and within the agency
but there's no secret sauce to voice.
We have enterprise standard capabilities.
We plug and play.
We plug in as needed.
We've built three standard
offerings to be able to do that.
They are all very compliant.
Obviously, very monitored and ensure…
what we've done is ensured through
a series of, I would say,
network optimization and/or
research initiatives,
really looked at what made sense
and how we wanted to build
in those architectures
and we built them in obviously
with security standards in mind.
JIM: What's the timeframe
and milestones
for decommissioning
the milCloud 1.0 infrastructure?
MARTIN: So I don't have
those on hand right now.
What we've got is a--
the number one priority
is to move for us or to move 1.0 to 2.0.
Like I said, I would expect
about a year but I don't
control all of the applications
in that environment.
And as you all know,
it's not as simple as just
pressing a button and things move.
But what we do have is our folks
or my team is specifically engaged
with every application owner
in milCloud 1.0 to migrate them.
So I would expect that to be
as soon as possible.
But it takes time, right?
It all depends on the application
and how it's built.
JIM: Final question,
with the OOB privileged user VDI
solution being such a success,
is there a plan to roll it out
as an enterprise solution
and possibly a DISA-provided
service to the mission partners?
How do I answer this without
getting in trouble by my boss?
[soft laughter]
My intent would be no.
We implemented it
for a very specific solution
or very specific problem set
and I think we've been very successful.
I spoke about this at AFRICOM last week.
I know there's tactical units
trying to do the same thing
but whether it’s tactical or enterprise,
the costs are unbelievable.
So if I have a requirement,
if I have a funding requirement
and it truly makes sense,
I think we're happy
to do that as an agency
but I think there's alternative
solutions we can look at.
But again, it depends.
We're happy to help, obviously
but at present, I do not
personally have a plan to roll
it out and enterprise VDI.
JIM: Thank you, Mr. Martin.
