Federal agencies have made great strides in modernizing their digital infrastructure, tapping the power of the cloud and switching to software-as-a-service applications. Yet, by many measures, the aim of those efforts — to improve the public’s and employees’ digital experience — has fallen short of getting agencies where they need to be.
Why is that, and what can be done to help agencies achieve the service outcomes the public and employees expect?
There is a combination of reasons, from funding gridlock on Capitol Hill to internal cultural inertia. However, perhaps the biggest culprit is how agencies think about and manage modernization. High-level decisions to bolster IT modernization often revolve more around agency organization charts than what needs to happen to modernize the agency-wide digital experience for the public and employees.
In a nutshell, agencies still modernize primarily within silos — upgrading security operations, expanding IT infrastructure to the cloud, redesigning web applications to be more user-friendly — but collectively fail to address what’s missing to leverage those efforts fully. That missing element is a different kind of infrastructure: Think of it as a uniform, interoperable layer of connectivity between agency IT systems and the internet. We call it the “connectivity cloud” at Cloudflare.
Prioritizing interoperability promotes uniformity
At its core, the idea behind a connectivity cloud involves a commitment to making the Internet better for everyone, regardless of the silo they operate in. Establishing a highly-interoperable approach to the interactivity of enterprise and security infrastructure and applications, regardless of whether they operate on legacy infrastructure or across multiple clouds—and whether employees access those applications or the public.
The internet has become the primary media and method for delivering digital government operations. The issue is how to consistently provide uniform and reliable connection and protection across the various platforms and applications that depend on the internet.
The answer starts with shifting how we think about public and employee engagement and recognizing how a uniform connectivity layer — designed for today’s highly distributed end users, workforce, infrastructure, applications and security — can optimize IT interoperability to better support agencies and their missions.
Consider this example: You are a mission owner or a program manager who has grown accustomed to operating within your enterprise’s digital enclave, which operates partly on-premises and increasingly in the cloud. Suddenly, a DDoS attack or a potential ransomware attack is throttling your operations. Your IT team scrambles to figure out, “Where is the attack coming from? What is it impacting? Which vendor’s remediation tools must be activated? How can we scale our defenses to absorb the attack without incurring downtime?”
A connectivity platform like Cloudflare operates as a single, centrally managed layer that sits between your IT operations and Amazon, Azure, and Google cloud environments, as well as your cloud-enabled software service applications. It also sits in front of and manages connections to your legacy infrastructure and security tools. It does that by propagating a service that runs on every server in every data center.
By sitting in front of and connecting all of these environments, Cloudflare provides a uniquely consistent level of connectivity, visibility, security, performance and reliability everywhere. That allows agencies to identify and stop malicious traffic before it gets to any of those environments.
That form on cross-domain connectivity is one reason a growing number of federal agencies, including the Departments of Commerce, Homeland Security, Interior, Justice, State, and Treasury, now rely on Cloudflare for, among other initiatives, to:
- Develop tools and techniques to defend against distributed denial of service (DDoS) attacks, which aim to disrupt critical Government services.
- Significantly reduce the use of bots by entities seeking to seize and resell valuable appointment slots for government services.
- Protect agency staff and devices against web threats
- Protect, enhance and monitor agency web apps
- Support a government-wide network platform, allowing agencies to leverage Cloudflare’s security services for user authentication.
Another reason agencies are turning to Cloudflare is to take advantage of its Protective Domain Name System (DNS) Resolver service, which was first launched for federal agencies by the Cybersecurity and Infrastructure Security Agency (CISA) in 2022. The service, which is mandated for all Federal Civilian Executive Branch agencies and aligns with the White House Zero Trust memo, provides safeguards against malicious domains.
Cloudflare also provides authoritative DNS services for the government’s .gov top-level domain and a suite of FedRAMP-authorized application, network, developer and Zero Trust services, allowing easy access to enterprise-grade security, network and performance services.
A final factor behind CISA’s decision to select Cloudflare’s DNS services is the company’s unique view of the internet: On any given day, roughly 20% of the world’s internet traffic across more than 24 million active websites is proxied on Cloudflare’s network. We serve data from 330 cities in over 120 countries around the world.
That gives Cloudflare’s engineers and security specialists a powerful and unparalleled view of malicious threats that can compromise commercial and government services that rely on the internet. Not even the major cloud providers see anywhere near that level of traffic.
Given the long-standing structural and cultural enclaves that exist across civilian and defense agencies, it’s not likely that IT silos are going away anytime soon. However, by instituting a proven connectivity layer that not only bridges those silos without forcing a change of control within those silos, Cloudflare brings uniformity and greater protection across those silos, and agencies have a much better chance of operating more securely and efficiently — and moving closer to the goal of safely modernizing their digital systems for employees and the public.