Why the Pentagon's single-source JEDI cloud contract would be a mistake for any large business

Why the Pentagon's single-source JEDI cloud contract would be a mistake for any large business

In announcing its 10-year, $10 billion JEDI cloud contract last March, the U.S. Department of Defense said its aim is to move at “the speed of relevance.” That’s a laudable goal for a cloud architecture that will support the delivery and sharing of information in real time to make the U.S. Armed Forces more lethal and better equipped for battle. But going with a single cloud provider is the wrong strategy and will cost the DOD dearly in more ways than one. It should change course while it has time.

The modern businesses I talk to understand that the half-life of new technologies in the cloud is rapidly decreasing. The pace of innovation is accelerating, and the cloud makes it easy for them to engage with multiple technology suppliers, providing the flexibility to select whichever vendor has the best capabilities to meet their fast-evolving needs. That’s one of the reasons why 69 percent of businesses are already pursuing a multi-cloud strategy.

This month, the DoD announced it had narrowed its search to two cloud providers, Amazon AWS and Microsoft Azure. Its plan to go with a single provider raised a chorus of protests for legal and other reasons. I’m focused here on the technical reasons, which I believe are the most relevant if the Pentagon is to build a successful, future-proof cloud platform that will support its needs in the decade ahead. 

ADVERTISEMENT

Microsoft and Amazon are both highly capable companies, but it’s a mistake for any organization to assume they can know who will deliver the best technologies to meet their needs five years from now, never mind 10. Who would have thought, a decade ago, that Microsoft would even be a contender for this deal, when Steve Ballmer was still laughing at the iPhone and defending Microsoft’s desktop monopoly? This industry moves fast, and Microsoft shows how quickly the leaders change.

If the DOD wants to move at the speed of relevance, that’s precisely why it should enlist more than one cloud provider for its contract. Engaging with multiple vendors would mean that, from the get-go, the DOD is building a cloud architecture that is flexible enough to engage new providers when the need arises. Instead, the Pentagon will inevitably build applications that lock it into a single company’s platform, limiting its options ahead.

The ability to innovate isn’t the only reason. The government’s own purchasing guidelines say it should favor multiple providers wherever possible; spreading the benefits of such large contracts would help make the nation’s cloud industry more competitive. It also ensures the DOD has multiple cloud providers certified to its standards in the event that service from one provider is interrupted. Even the biggest cloud providers are vulnerable to catastrophic outages. The CIA already has a $600 million contract with Amazon; cementing the government’s relationship with one vendor makes it overly reliant on a single supplier.

The government cites security as a reason for going with a single vendor, but this is a myth from which corporate America is rapidly waking. There’s no technical reason that operating two clouds should be less secure than one: The same vetting and requirements can be applied to both. Operating with a single cloud tells adversaries exactly where they should focus their efforts, undermining the security that the DOD says such a strategy will strengthen.

Every six months, customers learn enough to make significant changes to their deployment architecture, roll-out plans and specific requirements, and different vendors deliver innovations to meet those needs. New features, enhancements and emerging standards are rapidly changing. Predicting a 10-year roll-out is a fool's errand and getting locked into a fixed contract will result in a deployment that could be out of date within two years.

Murli Thirumale is co-founder and CEO of cloud software provider Portworx.