How the CIA partnered with Amazon and Changed Intelligence

http://www.defenseone.com/technology/2014/07/how-cia-partnered-amazon-and-changed-intelligence/88555/

Humm

CLOUD


Can't Locate Or Use Data

CLOUD


Can't Locate Or Use Data

If you think a "Cloud" can't be found, man rethink.

Cloud is the new, current term for Server. Can you say "You got email."

You can check to see if a cloud can be found by putting the IP addresses into www.robtex.com I have found many of them there, but you cannot access the cloud from there. You can only see it. But like this site, many others, you can easily find clouds. There are was to find even high level Coordinate Cloud servers. Why do you think CDC get hacked so much.

BLUF:This is a fantastic move for reducing infrastructure costs. It's a horrible one for actually being able to get the job done.

This will be chaos... Just because something is hosted in the cloud does NOT mean that the provider is on the hook for data problems, just making sure the hardware is available. The obamacare web site's initial public rollout failed and it was blamed on the cloud provider. It shouldn't have been, the problem was the architecture, the developers, the project management, pretty much everything EXCEPT the cloud provider.

Unless they are also contracting Amazon to do the development, all they got was the AWS platform. Which does exactly ZERO without the applications. At the price they quoted, $600M over 10 years, I'd guess that there is no application development in there. What they bought was infrastructure and bandwidth. The integration and development will all have to be done before the very first document can be shared.

I don't disagree with them going to the cloud (for the most part) but they have no idea how many challenges they will be in for if they don't hire competent developers to build it. And, oh yeah, AWS is on the public internet.

Anyone think this might be high value information that will tempt your local hacker? Amazon won't be managing the user accounts, that comes from the admins at the agencies, which will be skimped on because "hey, we don't need professional admins, we're in the cloud" IT Security professionals still haven't been able to come up with standards for PCI-DSS, Sarbanes-Oxley, etc hosted in the cloud. How the heck does the CIA believe they can securely do integration and sharing between agencies with SCI data?

Finally, by definition the people at AWS will have administrative credentials. Despite what I've heard said by government contractors and military IT people, it is IMPOSSIBLE, yes, literally IMPOSSIBLE, to keep someone with administrative credentials out of the data if they really want in. Snowden was an IT infant compared to the people at Amazon. Look what he did with his administrative login. The applications that they are moving to the cloud are ones that assume that the systems are secure (both physically and logically) to begin with. I'm pretty sure they don't encrypt everything at a level that an admin can't get to. All it takes is one bleeding heart at Amazon and everything that's in the cloud is rolled up and delivered to one of those sites like Wikileaks or directly to our enemies. In fact, putting it in the cloud makes it easier to package and pillage.

It's clear to me that this decision is being made by CIA Executives based solely on the reduction in costs. If the true IT people were making it, they'd focus on reducing costs in other areas, and there are a lot of opportunities. This one is a non-starter to me as a senior IT person.

They should get the same folks that developed AKO. Now THAT is a secure network. You cant find shit there.

On a side note, they are paying AWS the same amount they paid for AKO. The AKO deal was $50M a year, this is $60M. I read the RFP and ran away from that deal.

You get what you pay for...

They should get the same folks that developed AKO. Now THAT is a secure network. You cant find shit there.

:D Lmao! Just got off earlier, and yeah.

They should get the same folks that developed AKO. Now THAT is a secure network. You cant find shit there.

Brawhaha.. So true.

BLUF:This is a fantastic move for reducing infrastructure costs. It's a horrible one for actually being able to get the job done.

This will be chaos... Just because something is hosted in the cloud does NOT mean that the provider is on the hook for data problems, just making sure the hardware is available. The obamacare web site's initial public rollout failed and it was blamed on the cloud provider. It shouldn't have been, the problem was the architecture, the developers, the project management, pretty much everything EXCEPT the cloud provider.

Unless they are also contracting Amazon to do the development, all they got was the AWS platform. Which does exactly ZERO without the applications. At the price they quoted, $600M over 10 years, I'd guess that there is no application development in there. What they bought was infrastructure and bandwidth. The integration and development will all have to be done before the very first document can be shared.

I don't disagree with them going to the cloud (for the most part) but they have no idea how many challenges they will be in for if they don't hire competent developers to build it. And, oh yeah, AWS is on the public internet.

Anyone think this might be high value information that will tempt your local hacker? Amazon won't be managing the user accounts, that comes from the admins at the agencies, which will be skimped on because "hey, we don't need professional admins, we're in the cloud" IT Security professionals still haven't been able to come up with standards for PCI-DSS, Sarbanes-Oxley, etc hosted in the cloud. How the heck does the CIA believe they can securely do integration and sharing between agencies with SCI data?

Finally, by definition the people at AWS will have administrative credentials. Despite what I've heard said by government contractors and military IT people, it is IMPOSSIBLE, yes, literally IMPOSSIBLE, to keep someone with administrative credentials out of the data if they really want in. Snowden was an IT infant compared to the people at Amazon. Look what he did with his administrative login. The applications that they are moving to the cloud are ones that assume that the systems are secure (both physically and logically) to begin with. I'm pretty sure they don't encrypt everything at a level that an admin can't get to. All it takes is one bleeding heart at Amazon and everything that's in the cloud is rolled up and delivered to one of those sites like Wikileaks or directly to our enemies. In fact, putting it in the cloud makes it easier to package and pillage.

It's clear to me that this decision is being made by CIA Executives based solely on the reduction in costs. If the true IT people were making it, they'd focus on reducing costs in other areas, and there are a lot of opportunities. This one is a non-starter to me as a senior IT person.

Yes this in the basics fundamental idea or concept for the reason why or behind this makes sense. Yes it would be nice for 17 or 13 large communities to be able to storage information, data, videos, and whatevers. Then be able to serve it and whatever it. All I can say for Intelligence, is CIA should have learned from their Palantir start, usage and current problems. No real management at SO MANY levels, thing, well crap in crap out. Not the storage and compartmented problems with most information. Hell just look at you work and their server or the use of DTMS. Same thing under a different format, but a cloud in basic form. You got Rye?

On the whole security parts and credentials part. Yes (1VB)compforce you're right. Basically, it's a data center (A lot of servers banks) on land that houses a huge storage for data that can be accessed from anywhere by people who are given permissions for the purpose of collaboration and access. Yes it saves money because you don't have to buy, update, or maintain the servers, but you are charged for using them. WoW only 60 million a year. Yes we have Agencies and COCOM that can do the same thing, but that's a different story.

Yes (1VB)compforce, the downside is that you have to rely on the cloud service for security to protect your data. Anyone that REALLY uses these should know this,yet they don't. BLUF, there is nothing that cannot be hacked, but there is always a workaround. Cloud security is either really good or really bad, I call it AWS or your TAILS or RedNeck securities. The other bad thing about Clouds, they can also be used by bad actors for ddosing, stealing information, and other malicious cyber attacks. Best to research the cloud service for security breaches if your looking to use it for personal or Corporate usages.

Why the hell is the military discussing intelligence info access with the public?

Why the hell is the military discussing intelligence info access with the public?

No Mark.. No the Military.. The whole IC and look who funded the whole thing.