Military cloud security and the need to keep the cloud under national control

Despite advancements in cloud technology, security concerns remain higher in Defence than in any other industry.

Hear from Stein Rune Hognes, Business Development Manager at Airbus Secure Communications, as he discusses the current Defence security landscape and what technology can be put in place to combat these concerns.

Cloud security – the Defence landscape 

When it comes to cloud security for Defence, risk concerns are higher, and the data being managed brings a number of ethical and legal obligations that must be met. To ensure system-of-systems collaboration, information needs to be synchronised amongst all assets and nodes, and users must be able to turn services on and off while performing critical tasks if systems come under attack. Assets therefore require an adequate level of self-sufficiency and must be able to synchronise between nodes when communication is lost.

Military-level security means a company must comply with the established data-protection rules that countries use to protect everything from trade secrets to plans. As such, sets of rules are put in place to manage access to and storage of data. However, because of these requirements, the systems in place often do not take into account new and emerging technology.

Security needs for Defence connectivity 

Defence operations are often highly mobile, flexible environments where connectivity is key. As such, forces cannot rely on a fixed communications infrastructure and instead need real-time data exchange that can take place in secluded locations and in all environments. There is a need to fuse data into a single application and to connect all manned and unmanned platforms at strategic, tactical and operational levels through human-operated and human-controlled systems supported by Artificial Intelligence (AI).

Limited bandwidth and disconnecting networks aren't an option for Defence. For operations to succeed, the three enabling pillars (human, logistic and IT) must continuously connect and collaborate, pushing and receiving data. Due to the nature of the data shared, hybrid security threats require seamless, safe and secure data exchange with state and non-state actors communicating on lower levels of security.

Combatting cloud security concerns for Defence 

All systems and technology must be under military-grade security to ensure they reach the level of protection needed. From putting patches in place to multiple layers of security mitigation, all elements must have security incorporated into the architecture from the beginning.

Highly secure virtualisation and distributed computing is more than just a network. Secure software virtualisation was created to address the needs of tactical military systems that require information and applications operating at different security levels to coexist on a single hardware platform. This removes the need for costly deployment of multiple computing systems to facilitate communications and information from different forces or different intelligence levels in the battlefield.

With a distributed approach, multiple physical data centres make up the cloud and data is spread among the servers at various locations. Data isn't replicated in full at each location; rather, shards, or pieces of the data, are spread across the locations as designated by redundancy and location policies. Because the data is not all in one location, it's more difficult for an unauthorised person to acquire meaningful data.
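The placement idea described above, as an added Python sketch that is not from the article or from any Airbus product. The site names, the rotation rule and all function names are assumptions made for illustration, and the sample record in the usage is constructed.

```python
import hashlib

# Hypothetical data-centre names (assumption, not from the article).
SITES = ["dc-north", "dc-south", "dc-east", "dc-west"]

def split(data: bytes, n_shards: int) -> list[bytes]:
    """Cut data into n_shards contiguous pieces (the last may be shorter)."""
    size = -(-len(data) // n_shards)  # ceiling division
    return [data[i * size:(i + 1) * size] for i in range(n_shards)]

def place(object_id: str, n_shards: int, copies: int,
          allowed: list[str]) -> dict[int, list[str]]:
    """Redundancy policy: each shard is held by `copies` distinct sites.
    Location policy: only sites listed in `allowed` may hold shards."""
    if not 1 <= copies < len(allowed):
        raise ValueError("copies must be >= 1 and fewer than the allowed sites")
    # Rotate the starting site per object so load spreads across sites.
    start = hashlib.sha256(object_id.encode()).digest()[0]
    return {i: [allowed[(start + i + k) % len(allowed)] for k in range(copies)]
            for i in range(n_shards)}

def store(data: bytes, placement: dict[int, list[str]]) -> dict[str, dict[int, bytes]]:
    """Return {site: {shard_index: shard_bytes}} according to the placement."""
    shards = split(data, len(placement))
    sites: dict[str, dict[int, bytes]] = {}
    for idx, holders in placement.items():
        for site in holders:
            sites.setdefault(site, {})[idx] = shards[idx]
    return sites

def recover(sites, placement, lost=()) -> bytes:
    """Reassemble from surviving sites; fail if any shard has no live copy."""
    parts = []
    for idx in sorted(placement):
        live = [s for s in placement[idx] if s not in lost]
        if not live:
            raise LookupError(f"shard {idx} has no surviving copy")
        parts.append(sites[live[0]][idx])
    return b"".join(parts)

def max_fraction_at_one_site(sites, n_shards: int) -> float:
    """Largest share of an object's shards that any single site holds."""
    return max(len(held) for held in sites.values()) / n_shards

if __name__ == "__main__":
    record = b"constructed sample record " * 4
    plan = place("report-001", 4, 2, SITES)
    held = store(record, plan)
    print(max_fraction_at_one_site(held, 4), recover(held, plan, lost=("dc-east",)) == record)
```

Each site still sees its own fragments in the clear, so sharding complements rather than replaces the at-rest encryption the article lists among its other measures.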

There are also a number of other methods that can be put in place to help manage the security concerns of Defence systems, including:

  • Facilitation of running updates
  • Advanced firewall cluster
  • Military-grade, end-to-end, in-transit and at-rest encryption and automation
  • Identity and multi-factor authentication
  • Organisation-wide password policies
  • Remote wipe
  • Intuitive user management

The need to have cloud datacentres on national soil

We are currently in the midst of the digital transformation of military IT. This includes the full spectrum of options, from headquarters (HQ) data centres to mobile cloud solutions focused on the tactical edge. However, in order to do so, data classifications and clearances are needed to manage and access data and systems.

There are national rules in place that prohibit hosting data outside national soil. As such, the highest level of security controls should be applied to restricted data, including data protected by state or federal privacy regulations, or by confidentiality agreements.