cloud security

In-Q-Tel invests in secure, zero-footprint virtual platform

In-Q-Tel, the CIA's venture arm, has invested in a Silicon Valley startup that is developing a secure cloud "workspace" that would allow agencies running legacy desktop virtualization services in data centers to run them in commercial cloud platforms like Amazon Web Services and Microsoft Azure.

The startup Frame, a cloud platform developer, has been working with the Defense Innovation Unit Experimental to "prove out" its cloud application delivery approach.

Frame's strategy aims to upend traditional virtual desktop infrastructure which is widely used across DOD agencies. The company's technology allows users to securely access distributed applications via a web browser running on mobile and other devices. "The ability to reduce security risks with zero-footprint virtual desktop clients, while simplifying management of desktop software, is attractive to our government partners," noted George Hoyem, managing partner for investments at In-Q-Tel.

As the cloud transforms the delivery of applications and services to enterprises, technology incubators like In-Q-Tel are pouring venture funds into approaches like Frame's. In an interview, a Frame executive said the startup has taken lessons learned in delivering enterprise IT and applied them to U.S. agencies struggling to shift to cloud computing.

The goal is to push software services and a "security model all the way up the stack to the desktop," Frame's Jason Holloway said.

Founded in 2012, Frame added support last year for the AWS GovCloud and Microsoft Azure Government platforms. AWS is the primary cloud provider for the CIA and other U.S. intelligence agencies. Holloway, a former Air Force communications officer who later worked for the CIA, also served the CTO for C2S (Commercial Cloud Services), the U.S. intelligence agency cloud.

He also helped develop technical specifications for the Intelligence Community IT Enterprise, a program that allows for easier data sharing among intelligence agencies through common standards and cloud storage.

Frame's virtual workspace service reflects the rise of the software-as-a-service model for delivering emerging cloud-native applications that run on web browsers. Frame stresses that its virtual workspace is designed to run Windows and Linux-based applications from any device. Cloud-based support also means complex applications like data visualizations can draw on unlimited computing power available from cloud vendors such as AWS and Microsoft.

The ability to scale computing power is important for high-end workloads such as geospatial applications that tend to bog down on traditional VDI architectures. Those computing-intensive jobs could be accelerated as a cloud-native application capable of leveraging graphics processors, for example, Frame's Holloway noted.

Industry analysts also note that cloud-native applications run faster and are easier to deploy than traditional VDI technology, which brings with it administrative overhead.

In-Q-Tel and DOD agencies such as DUIx, are betting that distributed applications will run securely. The cloud-native approach to application delivery is inherently more secure, Holloway asserted, adding that in the event of cyber breach, "The blast area is much smaller."

The company's cloud-first approach also takes advantage of the ability to scale computing requirements up or down. Many companies are exploiting that feature as they adopt hybrid cloud strategies that keep sensitive data and applications in datacenters while running other computer-intensive workloads in the cloud.

A cloud-based virtual desktop approach might allow DOD users to run some unclassified workloads in isolated AWS or Microsoft clouds regions while sensitive data is kept in-house, Holloway explained.

Frame, based in San Mateo, Calif., has so far raised a total of $32 million in two funding rounds.

About the Author

George Leopold is a contributing editor for Defense Systems and author of Calculated Risk: The Supersonic Life and Times of Gus Grissom."Connect with him on Twitter at @gleopold1.


Charter Sponsors