News Stay informed about the latest enterprise technology news and product updates.

NASA’s Jet Propulsion Lab touts hybrid cloud security

The CTO of NASA’s famous JPL told a Gartner Catalyst 2011 crowd how his group conducts sensitive scientific work using a hybrid cloud security model.

SAN DIEGO -- Cloud computing has paid off for NASA’s Jet Propulsion Laboratory (JPL), and, in fact, provides better security for crucial programs than what JPL could otherwise provide internally, said Tomas Soderstrom, chief technology officer for the JPL CIO office.

It’s not right to say the cloud isn’t secure. It’s how you use it.

Tomas Soderstrom, chief technology officer, JPL CIO office

In a presentation Wednesday at Gartner Catalyst Conference 2011, Soderstrom talked about how JPL uses multiple public and private clouds for mission-sensitive work. JPL’s foray into the cloud started three years ago as a way to “get more science for less money,” he said. “Our CIO said, ‘I don’t want to buy anymore, I want to rent.’”

The Pasadena, Calif.-based JPL, the legendary facility known for its crucial rule supporting NASA’s Cassini-Huygen mission to Saturn and the Mars Exploration Rovers, moved the rover program to a cloud computing model to manage the data the project’s team uses to develop daily plans for rover activities. It also uses the cloud for its “Be a Martian” website, which enables public participation in Mars research tasks. Processing thousands of Saturn images in the cloud, Soderstrom said, has saved the JPL substantial money and time.

The mix of public and private clouds JPL uses includes services from Amazon Web Services, Microsoft and Google Inc. It also works with Lockheed Martin Corp. on private clouds, and other companies, such as Terremark Worldwide Inc. and Computer Sciences Corp. (CSC), Soderstrom said.

How safe the cloud is comes down to a training issue, he said. “You have to educate users. …It’s not right to say the cloud isn’t secure. It’s how you use it.” Ultimately, JPL believes “cloud can be more secure than what we can do inside,” Soderstrom said.

JPL created a self-provisioning portal for end users to order cloud resources. Users enter various characteristics of the application they need and the system decides what’s appropriate. “We want to enable cloud, but not be stupid about it,” Soderstrom said. “We do chargeback. There has to be a way it pays for itself,” he added, referring to an IT chargeback system.

When Soderstrom polled attendees about their use of cloud, very few indicated they use public or hybrid clouds. He urged attendees to get started on cloud initiatives, telling them there are huge benefits with public clouds. Don’t move legacy systems into a public cloud, however, he said. “Take something new, something mobile.”

Organizations also should create cross-functional groups, including representatives from legal, procurement, security, facilities and business units, when developing cloud projects, Soderstrom said.

Soon, the discussion won’t be about cloud -- it will “just be the way we do things,” he said. “IT as we know it will go away.”

Dig Deeper on Hybrid and Private Cloud Computing Security

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.