Data security is critical to any enterprise. And nowhere is that statement perhaps truer than when the enterprise is the United States Department of Defense (DoD).
The foundation of America's global security, the US Department of Defense is America's largest government agency. Its annual budget exceeds $750 billion and is a worldwide workforce of nearly 3 million manning operations in 4,800 locations in 160 countries. Its sheer size, scale, and complexity of operating environments make DoD a textbook case study for any enterprise digital transformation initiative.
So, it's exciting to share with you some highlights of a critical data security transformation pilot recently completed with the United States Air Force (USAF). The USAF often takes the lead in critical DoD technology projects, and this was no exception. This DLP and Insider Threat pilot provided several revealing discoveries as it demonstrated that the USAF could simplify the process of discovering, monitoring, and protecting critical data and information; providing the USAF with a DLP capability vital in the new DoD Zero Trust Framework. While the pilot focused on how data and critical information can be protected on the USAF’s unclassified networks, over the course of the pilot, the vendor team also proved that the capability can seamlessly expand across the USAF’s classified networks as well as providing USAF Cyber Operators with a single UI for protecting data across the entire enterprise.
Data as a Strategic Asset
The program’s success highlights the art-of-the-possible for the USAF to meet the objectives stated in a memorandum to all senior Pentagon leaders from US Deputy Secretary of Defense Kathleen Hicks in May 2021. It tasked the services with transforming the DoD into a "datacentric organization" by implementing industry best practices for secure authentication, access management, encryption, monitoring, and protection of data at rest, in transit, and in use.
Foresight to accomplish these objectives began in 2020, when the USAF recognized it needed better technology and programs for protecting its IP and its sensitive data. They issued a Request for Quote (RFQ) to Industry for a pilot program demonstrating a proven enterprise-scale Data Loss Prevention (DLP) and Insider Threat platform for protecting USAF data at rest and in motion throughout each of its network egress points – email, endpoint, cloud, network, and storage – managed by a single UI.
The RFQ requested that the winning vendor utilize a commercial DLP solution and that an Industry partner provide the design and managed services. This requirement was significant because the DoD recognized it needed to leverage Industry's ability to develop and deploy solutions faster in response to the speed and ingenuity of bad actors on the global stage attempting to penetrate and disrupt its national security systems.
A Winning Combination
In September 2020, the USAF pilot program was awarded with execution occurring at Joint Base San Antonio (JBSA)-Lackland, the USAF's premier cyber-security installation. The selected vendor team consisted of Broadcom Software for Federal, providing our marketing leading Symantec DLP solution and backend product expertise, with the front-end services delivery lead by Expert Advantage Program partner Infolock, and with Broadcom’s prime contractor partner, Iron Bow Technologies.
The solution selected was Broadcom Software's Symantec DLP Suite, bringing unique advantages to large and complicated operational environments like the DoD when it comes to protecting data and sensitive information. Benefits include a single policy management console across all communications channels, saving time and costs, allowing operators to write security and other critical DLP policies once and then publish them everywhere to every DLP sensor. As a central pillar of a Zero Trust, DLP also aligns with the Pentagon's strategic policy mandate to shift the USAF and the other services toward a Zero Trust Architecture.
This program was a winning combination of a market leading, best of breed solution (Symantec DLP) and a top-notch, white glove services team with the experience and determination to successfully deploy and integrate the solution into an environment as complex as the USAF. The pilot allowed us to showcase our advanced capabilities to protect data and sensitive information across an enterprise from cradle to grave, utilizing a single UI and policy set.
Billy Price - Broadcom Director – U.S. Air Force
Services Tour de Force
The pilot program ran through May 2021 and exceeded all technical requirements virtually from the start. Our team was able to quickly deploy, configure, and integrate the Symantec DLP and Insider Threat capability into the Air Force Network (AFNet). For the first time, USAF Cyber Operators had the tools to proactively defend its data, view and analyze risk through user activities and behavior, including the ability to scan file shares and use advanced detection capabilities to automatically review and classify data access at every phase of its use, at rest, or in transit.
The pilot demonstrated how Broadcom’s latest Symantec DLP innovations could transform the USAF's data security posture from a reactive to a proactive position. The difference in capabilities over the previous system was so immediately apparent that in a conference call early in the deployment, the USAF lead of the project exclaimed to the entire U.S. Air Force's pilot team leadership, "We can already do more than our current system!"
Key to the pilot's success was the team's programmatic professional services approach in which all parties to the solution played a key role. While Broadcom Software provided the product expertise and Iron Bow served as the prime contractor, our Expert Advantage Partner, Infolock, provided industry-leading managed services expertise to implement, deploy, and operate the DLP solution. The USAF completed the virtuous circle by offering their insights on their architecture, participating in discovery interviews, providing access, and product usability feedback.
Another "A-ha moment!" that came about as a result of Infolock’s commercial experience, was when Infolock showcased how the on-prem DLP solution is seamlessly integrated into the Symantec Cloud Access Security Broker (CASB) solution to extend DLP controls into the cloud. It represents a remarkable technology and services tour de force that extends the benefits of DLP beyond the initial U.S. Air Force requirements, protecting USAF data wherever it goes and/or wherever it is stored.
Looking ahead, the USAF and the rest of the DoD are focused on implementing data centric security models and meeting their Zero Trust requirements. As proven in the USAF Pilot, with the Symantec DLP solution and one of our Expert Advantage partners, accomplishing the strategic goal established by preparing to launch a DLP program of record for all its various networks. Further down the road, we can also expect to see DLP deployed across all DoD networks and providing more flexibility and scalability as they adopt cloud-based services as a key piece of a Zero Trust architecture essential to accomplishing that strategic goal established by Secretary Hicks where leaders at all levels have the ability to manage, understand, and responsibly share and protect data.
Broadcom Software, Symantec DLP and our services delivery teams demonstrated how the USAF could dramatically transform its data security posture within the backbone of one of the world's largest and most technically complex environments. Imagine how well it can improve data security in your enterprise.
* * *
Thanks for reading. I invite you to stay tuned for the next article in this series. We'll discuss how our Expert Advantage Partner ecosystem drives the successful adoption of Modern UX design utilities and services. We'll discuss how they maximize and accelerate the time-to-value of application development teams for corporate enterprises.
To learn more:
We encourage you to share your thoughts on your favorite social platform.