Four years ago, Amazon Web Services agreed to build CIA its own smaller version of Amazon’s global public cloud, which would live in CIA’s own data centers and would not be connected to the internet. Teresa Carlson, AWS’s worldwide public sector VP, called it “the first air-gapped commercial cloud.”
Today, the cloud giant announced services hosted in this “Secret Region” are now available to other members of the Intelligence Community whose data secrecy classifications are below Top Secret, the level the region has been thus far serving exclusively.
The idea is to give others in the IC the same benefits the CIA has been getting out of the deal, which according the agency’s CIO John Edwards has been game changing. “It’s the best decision we’ve ever made,” he said from stage at AWS Public Sector Summit in Washington, D.C., earlier this year. “It’s the most innovative thing we’ve ever done; it’s having a material impact on both CIA and EIC.”
The region, which has been live for three years, is a full availability region consisting of three availability zones. The zones are hosted in three geographically dispersed data centers.
In addition to agencies with Top Secret workloads, it is now available to IC members with Secret, Sensitive, and Unclassified data classifications, AWS representatives said in a statement. Non-IC government customers with “appropriate Secret-level network access” will also be able to use it but not through the IC’s Commercial Cloud Services (C2S) contract with AWS.
The word “commercial” was included in the name for a reason. “It’s because we want to be like commercial; we don’t want to be like government,” Edwards said. “We want the speed of commercial; we want the speed of that innovation.”
He praised his agency’s ability to spin up computing resources in minutes instead of months, quickly test new applications, and perform analytics in ways it wasn’t capable of before, all thanks to the IC’s Amazon cloud.
The CIA and AWS charted new waters with the C2S contract; along with that comes a degree of risk. “This had never been done before,” Edwards said. “We put an entire Amazon cloud region on our space, in our premises. It was risky; neither side new how it was going to turn out.”
Official launch of the Secret Region for the rest of the Intelligence Community can be viewed as a sign that the risk turned out to have been worth it.
Watch Edwards’ presentation on the CIA’s own AWS in full: