Advertisement
Subscribe to our daily newsletter.
Subscribe

DISA approves Google to host more sensitive DOD cloud data

Google’s cloud service recently earned the provisional DOD Impact Level 5 security authorization — and the company doesn't plan to stop there.

By

Clouds forming thumbs-up shape in sky
Clouds forming thumbs-up shape in sky (Source: Getty Images)

Google Cloud received the Defense Department’s Impact Level 5 (IL5) security authorization from the Defense Information Systems Agency, it announced Tuesday.

The cybersecurity designation gives the technology giant approval to host some of the military’s most sensitive (but not top secret) data, including workloads associated with defined National Security Systems.  

The new designation is the result of “a rigorous assessment of physical, logical, and cryptographic isolation controls,” according to a statement shared with DefenseScoop. 

It comes as the major technology player vies with Amazon Web Services, Microsoft and Oracle for contracts via the DOD’s Joint Warfighting Cloud Capability (JWCC) plan for an advanced infrastructure enabled by multiple commercial vendors. 

Advertisement

“This authorization will provide the warfighter another safe, secure cloud hosting capability to store and process mission-critical information,” Lt. Gen. Robert Skinner, DISA director and Joint Force Headquarters-Department of Defense Information Network commander, said Tuesday.

DOD relies on its “Impact Level” classification system to categorize data and securely authorize cloud-based hosting environments. IL5 encompasses the highest level of authorization granted to environments built to store and process controlled unclassified information (CUI), as well as what’s considered mission-critical and national security systems information. 

This new designation from DISA, according to the agency’s release, affirms the following Google services: BigQuery, Cloud Hardware Security Module, Cloud Key Management Service, Google Cloud Storage, Google Compute Engine, Persistent Disk, Identity and Access Management and Virtual Private Cloud.

In a draft blog post viewed by DefenseScoop ahead of its release, an executive from the company said it is “committed to rapidly expanding the number of Google Cloud services within the IL5 authorization boundary.” 

Different federal agencies abide by different security protocols. For DOD, beyond IL5 is IL6 — a rigid compliance standard that is required to process classified data for cloud-based defense workloads. Cloud service offerings from AWS, Microsoft and Palantir have been authorized to operate at IL6, so far.

Advertisement

“Google Cloud will pursue the IL6 certification for classified work,” a spokesperson told DefenseScoop on Tuesday.

Brandi Vincent

Written by Brandi Vincent

Brandi Vincent is DefenseScoop's Pentagon correspondent. She reports on emerging and disruptive technologies, and associated policies, impacting the Defense Department and its personnel. Prior to joining Scoop News Group, Brandi produced a long-form documentary and worked as a journalist at Nextgov, Snapchat and NBC Network. She was named a 2021 Paul Miller Washington Fellow by the National Press Foundation and was awarded SIIA’s 2020 Jesse H. Neal Award for Best News Coverage. Brandi grew up in Louisiana and received a master’s degree in journalism from the University of Maryland.

In This Story

Advertisement
Advertisement

More Like This

Advertisement

Top Stories

Advertisement

More Scoops

Latest Podcasts

How the Navy is reducing workforce friction to improve mission outcomes

How DARPA is looking to AI to fend off cyber vulnerabilities through a challenge program

climate change

How the DOD protects national security interests by monitoring climate change

Splunk’s Paul Kurtz on the power of automation within DOD

Weapons

Cyber

AI

IT