The Defense Innovation Unit (DIU) of the US Department of Defense (DoD) has chosen Google Cloud’s Secure Cloud Management (SCM) solution to install across the organization, paving the way for wider adoption across defense organizations across the world.
After deploying three distinct, year-long prototypes by Google and two other commercial vendors – with the purpose of providing DIU with rapid, secure, and regulated access to Software-as-a-Service (SaaS) applications directly via the Internet – the production contract was awarded.
The Defense Innovation Unit helps improve U.S. national security by speeding commercial technology adoption across the military and expanding the national security innovation base.
The Google Cloud solution, which was developed in collaboration with Palo Alto Networks, is based on zero trust principles, which hold that implicit reliance in any one component of a large, interconnected system can pose major security threats. The SCM option from Google Cloud also corresponds with the White House’s May 2021 Executive Order and the US Office of Management and Budget’s recent directive urging the federal government to boost national cybersecurity. Other DoD agencies can purchase this SCM solution through Other Transaction Authority (OTA) agreements as they implement their own zero trust strategies.
Zero Trust Security Strategy
Built on Google Cloud’s Secure Application Access Anywhere service, the SCM solution is a container-based offering for secure application access and monitoring. This open, standards-based system will replace DoD’s present network border points with a scalable, highly responsive alternative. SCM uses Anthos from Google Cloud to manage hybrid cloud and multi-cloud workloads using Kubernetes.
Palo Alto Networks VM Series and CN Series bring ML-Powered Next Generation Firewall capabilities directly inline to safeguard microservices-based applications – wherever they are deployed – and Prisma Access provides endpoint inspection, authentication, and remote access for applications protected by the Google Cloud SCM solution, allowing secure access to DIU resources.
“In today’s new cybersecurity paradigm, it’s critical that government agencies see the benefits of adopting a zero trust security strategy and have the option of selecting more modern, cloud native solutions that meet their unique needs,” said Lynn Martin, vice president, North America Public Sector, Google Cloud. “We are honored to partner with DIU as the organization undergoes the next phase in its zero trust journey, as we believe other DoD agencies can benefit and learn from this security approach.”
A third-party evaluation group assessed the Google Cloud SCM system using criteria established by the Defense Information Systems Agency (DISA). 77 security measures were assessed during the audit, comprising test cases for network, user, end device, data, and secure cloud management controls.
Cloud hosting, cloud management, multi-cloud, Google Cloud, hybrid cloud, US Defense Innovation Unit, US Department of Defense, Lynn Martin, Google Cloud SCM, zero trust security, Palo Alto Network.
