Being able to grab IT resources any time they’re needed, without going through the hassle of setting up a physical infrastructure and its related IT services – sounds too good to be true? Not for the MINDEF Commercial Cloud (MCC)!
That was exactly what our multidisciplinary team of IT professionals from various Programme Centres aimed to achieve. In line with MINDEF’s digital and data transformation plans, our team delivered the MCC, helping MINDEF reap the full benefits of cloud technology while ensuring the MCC would be reliable, effective, and well protected.
With the cloud, which facilitates on-demand resource availability, MINDEF would be able to double up on digitalisation and data exploitation capabilities. This could enable them to explore new operational capabilities such as intelligent soldiers and autonomous unmanned operations, as well as harness artificial intelligence and machine learning to improve the decision-making process for greater mission effectiveness.
To ensure that the hosted IT resources would be elastic, scalable and on-demand, the team used a combination of commercial cloud technologies, enterprise common services, and automation using Infrastructure as Code – a process of managing and provisioning IT resources through machine-readable definition files. Cybersecurity posture and governance were also strengthened through standardisation and centralised monitoring, ensuring cyber hygiene across different systems.
To reap the true benefits of cloud technology, the team decided against rehosting the components from on-premise systems.
“We chose to leverage commercial cloud services and capabilities to replatform and refactor the components in return for better assurance on agility and resiliency. Although this meant taking more time and effort to implement the new services and resolve some integration issues, it deepened our product knowledge significantly and streamlined our workflows,” said Head (Cloud) Wong Marn Chee.
With the MCC in place, the team also established the Digital Platform – a construct to develop technical enablers meant to reduce app development timelines – to help app developers achieve a much faster time-to-market. This enabled developers to build capabilities and systems faster, better, and in a sustainable manner.
The MCC is also a gamechanger for app development, as developers can use its cloud-managed services immediately.
Principal Engineer (Enterprise IT) Lee Jianxiang added: “We are looking at developing pre-approved solution patterns known as system archetypes, which would enable green-lane clearances for traditional Threat Risk Assessments. In addition, we plan to inculcate DevSecOps into the development process with automated security checks to identify vulnerabilities early for fewer reworks and faster delivery. Finally, a cloud enablement team will also be set up to provide dedicated support to developer teams and partner them as they get onboard the MCC.”
With such a massive undertaking, our cyber defenders are also part of the team to ensure that the MCC remains secure.
Adopting a zero trust architecture, the team implemented a diverse range of solutions to ensure that a strong security posture was maintained throughout the technology stack, from user devices to the servers, workloads and data.
Head Capability Development (IT Systems & Network Security) Francis Chua explained: “Our approach was to leverage domain knowledge across several DSTA Programme Centres, and combine native cloud service providers’ security solutions, third-party commercial off-the-shelf solutions, and custom-developed solutions. Such a strategy affords a unique level of protection that is not easily replicated. The solution suite also enables the constant monitoring and maintenance of cyber hygiene in the cloud, with the means for rapid analysis and containment as well as the subsequent response and recovery.”
The MCC already hosts the first tranche of pilot digital products for internal organisation needs, with more on the way.