The U.S. Defense Department has amended a policy for the agency’s civilian and military organizations that want to procure cloud services from industry, FedTech magazine reported Wednesday.
An internal memo obtained by FedTech says the agency will now allow its components to purchase directly from cloud service providers instead of buying through the Defense Information Systems Agency.
The memo, signed by acting DoD Chief Information Officer Terry Halvorsen, also requires defense organizations to coordinate with DISA to ensure cloud offerings meet security requirements.
Federal Times reports the agency plans to release another guidelines and requirements for CSPs to manage security of sensitive unclassified information on Jan. 7.
“The Department of Defense is built on the principles of centralized control and decentralized execution, whether it’s on the battlefield or inside the supporting elements,” Testoni said.
“We always think of the risk of failed procurement or risk of non-standard implementation. But there’s also a risk of not being able to deploy modern technologies fast enough to leverage them and we tend to forget that piece… this will allow for a balance of risk,” he added in the interview.