Is cloud computing secure enough for spies? CIA bets on Amazon

Intelligence agencies do more than just spy on you in the cloud. Some, like the CIA, use the cloud for their own purposes.
Written by Steven Vaughan-Nichols, Senior Contributing Editor

When you think spy agencies and the cloud, you probably think about the National Security Agency (NSA) snooping on the cloud. Well, guess what? Intelligence agencies use the cloud for their own IT as well. Or, at least the Central Intelligence Agency (CIA), aka the Company, does with its own private Amazon cloud.

Sure, the CIA used to use secret gadgets, but now it's putting its IT on the cloud like everyone else.
Why would the CIA do this? Well, as Michael McConnell, former director of the National Security Agency, said in 2012, "The economics of the cloud are so compelling they can't be denied. [But,] we have to get the security aspects right."

So while I'm sure the CIA's cloud takes the notion of a private cloud to new levels, it's not going to share its cloud security secrets. The core technology is AWS, but this cloud, as a Government Executive writer put it, is "a public cloud built on private premises." The CIA has, however, been more forthcoming about what else it's going to do with its cloud.

For example, would it surprise you to know that the CIA's Amazon Web Services (AWS) cloud is getting ready to open its own app store? Well, believe it or not, that's exactly what CIA's Chief Information Officer Doug Wolfe announced at the Cloudera Federal Forum in February.

Secret CIA spy gadgets go public: photos

The Federal Times reported that Wolfe said, "Some folks had the idea that we need an environment that is much like the marketplace we see commercially. We are going to be delivering a private marketplace that will support the IC [intelligence community]."

Community? Yes, community.

You see it's not just the CIA. Amazon runs AWS GovCloud and Federal Risk and Authorization Management Program (FedRAMP). This cloud service was given a Department of Defense (DoD) provisional authorization under the DoD Cloud Security Model (CSM) for Impact Levels 1-2 last year. If you translate that from Federal bureaucratic language to English, it means that other DoD agencies can put their secrets on the cloud too.

When they get there, they'll find the Intelligence Community app store has only about a tenth of the applications on the AWS Customer App Catalog. These secured programs will include Software-as-a-Service (SaaS) and open-source apps.

But wait, there's more. The CIA is working with Cloudera, an open-source company that specializes in Hadoop Big Data. Specifically, the CIA will be using Cloudera Enterprise to create its own enterprise data hub.

According to a report by NextGov, Wolfe said the CIA will start using Cloudera's Enterprise Data Hub platform by April. Once proven, the Company will open its Big Data services to all 17 IC agencies.

Where will this Data Hub live? On the CIA's AWS cloud of course.

This doesn't sound as exciting as the CIA in spy novels or the TV series Homeland, but it is what's needed to keep the CIA working on time and budget. So, if your CIO is still feeling twitchy about putting your applications and data on the cloud, just remind him or her that even security agencies are putting their IT eggs into the cloud basket.

Related Stories:

Editorial standards