In the next 18 months, the Defense Information Systems Agency will issue four to five provisional authorizations for commercial cloud providers to handle sensitive Level 5 government data, according to a DISA official.
The move was announced Nov. 17 by John Hale, DISA’s chief of enterprise applications, and it is the latest in a series of steps the Defense Department is taking to balance the potential cost-saving benefits of commercial cloud services with concerns about securing DOD data.
Level 5 includes high-sensitivity data on national security systems and runs through cloud access points to the unclassified NIPRNet. It is one level shy of the highest designation, which is for classified data.