DoD Cloud Exchange 2023: Okta’s Sabrina Lea on the evolution of classified cloud services
The opportunities for software as a service vendors in the Defense Department and Intelligence Community’s classified environments continue to emerging, expla...
The Defense Department reached a major milestone when it awarded the Joint Warfighting Cloud Capability contract vehicle in December 2022.
The contract allows DoD to order commercial cloud services “at the speed of mission, at all classification levels, from headquarters to the tactical edge,” DoD said at the time of award. The JWCC awards went to four of the top cloud infrastructure providers: Amazon Web Services, Google, Microsoft and Oracle.
With the major cloud services deal in place, software as a service companies are now eyeing opportunities to build applications that could work in DoD’s classified environments. But the way forward for those SaaS providers is somewhat murky.
“Anybody who’s trying to build a SaaS product, we all struggle with: How do I build it in the classified regions?” said Sabrina Lea, director of DoD and intelligence community programs at Okta, during Federal News Network’s DoD Cloud Exchange 2023.
Meeting the highest IL requirements
While agencies have adopted cloud services for progressively more sensitive DoD impact levels, which categorize information sensitivity, only a small handful of vendors have developed applications that meet Impact Level 6 requirements for data classified as secret.
That’s despite the increasing demand for SaaS in the commercial sector, with Gartner forecasting $195 billion in worldwide cloud application services spending in 2023.
“It’s a little bit of a chicken and an egg situation,” Lea said. “Because I don’t have a contract that allows me to build in that space. But also, why would they give me a contract, because I don’t have a capability in that space. So, it’s sort of a Catch 22.”
Still, the landscape for classified cloud-based software is evolving rapidly. In January, Microsoft announced its Office 365 suite was being made available to government customers at the secret level.
And in February, the Technology Modernization Fund announced an $11.1 million award for the Treasury Department to bring its classified intelligence-sharing network into the cloud. The project will make Treasury “the first in the Intelligence Community to implement a cloud email productivity software solution.”
“I think it’s the same Catch 22 that cloud service providers faced 10 years ago,” Lea said. “And they’ve solved that. And I think the next horizon is to solve it for us SaaS vendors who run on top of the cloud service providers.”
At the same time, DoD is also looking to move more cloud services to the tactical edge for deployed forces and warfighters — often in austere environments where connectivity can be patchy at best. The Defense Information Systems Agency’s Hosting and Compute Center specifically highlights the expected tactical edge offerings from each of JWCC cloud provider.
Moving toward the tactical edge
Lea said that’s another area where SaaS vendors will likely be investing more in their capabilities.
As an identity company, Okta too must start thinking about making those kind of investments — around interoperating with technologies that work in unique tactical environments, she said.
Lea added that major progress has been made by identity, credentialing and access management (ICAM) vendors over the past several years in coalescing around open standards.
“Now, there are open protocols that allow identity vendors to talk to each other, to really easily integrate, federate, work together,” she said. “That’s really an area where federal systems integrators can shine and where we as vendors can shine by showing how we interoperate and actually build multivendor solutions in this space.”
Each week, Defense Reporter Jared Serbu speaks with the managers of the federal government's largest department. Subscribe on PodcastOne or Apple Podcasts.
Director, DoD and Intelligence Community Programs, Okta
Sabrina Lea is a computer engineer and enterprise software sales leader, with over 15 years of experience supporting the United States federal government. She is the director of DoD programs at Okta, where she focuses on bringing Modern Identity solutions to mission critical government organizations. Prior to Okta, Sabrina worked as an Account Manager and a Solutions Engineer at Splunk, where she was dedicated to helping national security customers use data analytics to support their IT, cybersecurity, and mission requirements. Sabrina has also served in a number of engineering and technical leadership positions at NSA, USCYBERCOM, and Booz Allen Hamilton. She holds an MBA from Georgetown University, an MS from National Defense University, and a BS in Computer Engineering from University of Maryland Baltimore County. She lives in Northern Virginia with her husband and son.
Justin Doubleday
Reporter, Federal News Network
Justin Doubleday is a defense and cybersecurity reporter for Federal News Network. He previously covered the Pentagon for Inside Defense, where he reported on emerging technologies, cyber and supply chain security. Justin is a 2013 graduate of the University of New Hampshire, where he received his B.A. in English/Journalism.