WASHINGTON — The U.S. Army has completed its pilot program that would allow teleworkers to access classified information, a capability that military leaders first rolled out over the summer, a top IT officer said Wednesday.
Speaking at the C4ISRNET CyberCon event, Maj. Gen. Maria Barrett, commanding general of the Army’s Network Enterprise Technology Command, said the capability was nearly ready to be put into production, where it will be distributed to about 2,000 users.
The pilot program included 500 people. It used commercial solutions to access sensitive data and classified data up to the secret level. In June, Barrett told C4ISRNET the “majority” of devices accessing sensitive or secret information would be virtual desktops with no data storage on the end user device, while others would store data to allow for users to work offine.
Under the program, users can access both the Non-classified Internet Protocol (IP) Router Network and the Secret Internet Protocol Router Network on the same laptop.
“I can take it on a trip, I fire it up and I have full desktop functionality .... I can do video teleconferencing, I can go to portals. So it’s not just email,” Barrett said.
She said that the service has “advertised” the new classified capability out to “a number” of Army components, particularly ones that have requested DoD Mobility Classified Capability (DMCC) devices from the Defense Information Systems Agency. That tool allows limited classified abilities, but not to the same extent for Barrett’s use case.
“For any Army element that has requested these [DMCC] devices from DISA, we’re looking at that list and saying could this substitute for DMCC requests that you put in so that the DMCC’s can go back into the pool available to the rest of DoD,” Barrett said.
In the future, she said, she would like to move the Army away from maintaining its own infrastructure to enable the capability.
“Ideally in the future, I’d love to see a CSfC solution that leverages Impact Level-Six cloud and that would unencumber us from having to stand up and maintain our own infrastructure,” Barrett said, referring to the DoD cloud certification level that allows for secret data storage.
Meanwhile, the Department of the Navy’s chief information security officer recently took notice of the classified capability that the Army’s NETCOM was rolling out. Chris Cleary, the Navy’s chief information security officer, said he was recently briefed on the Army classified telework program and is trying to move it higher up the Navy’s list of priorities.
Classified telework "was seen as a little lower on our priority stack until we [saw] that. Wow, maybe there is an easier way to do this. And somebody already thought through all the heavy lifting, i.e. the Army initiative,” Cleary said. “I’m already running this up the stack to see what the Navy’s interest or would this drive classified telework capability to a little higher on the priority list.”
From Cleary’s view, classified telework is safer and more convenient as the DoD operates in a pandemic.
“Anybody who had to do ... work on a high side machine still had to go into the building for the most part,” Cleary said. “I might have a message that says somebody’s got to do something and then I’ve got to send one of my employees into the Pentagon so they can go do work. Well, is that the right thing to do? Should I put that employee at risk to go back and do the hot zone just to do something on a classified environment?”
Andrew Eversden covers all things defense technology for C4ISRNET. He previously reported on federal IT and cybersecurity for Federal Times and Fifth Domain, and worked as a congressional reporting fellow for the Texas Tribune. He was also a Washington intern for the Durango Herald. Andrew is a graduate of American University.