Enterprise Cloud Services

Show Notes

In this episode, we break down the Enterprise Cloud Services Sources Sought from the Department of the Navy supporting the Naval Network Warfare Command. This MA-IDIQ opportunity under NAICS 518210 focuses on secure Azure-based cloud operations, IL5/IL6 environments, Zero Trust architecture, and 24x7 enterprise support. Get key insights on scope, clearance requirements, and what contractors must prepare.

Listen to podcast to understand the opportunity and stay ahead of the competition!

Contact ProposalHelper at sales@proposalhelper.com to find similar opportunities and help you build a realistic and winning pipeline. 

Chapters

• 0:00: From Dry Paperwork To Blueprint
• 0:51: Zero Trust Replaces The Castle
• 3:56: IL5 To IL6 In Commercial Clouds
• 5:01: Multi‑Cloud Mandate And Vendor Reality
• 6:01: Electronic Spillage And Digital Hazmat
• 9:15: Clearances And God‑Mode Policies
• 11:20: Afloat Connectivity, SD‑WAN, And Jitter
• 14:34: Mission Essential Operations Under Crisis
• 16:22: No Phones And Culture Shock
• 18:32: Vital AI And Edge HCI Resilience

Transcript

From Dry Paperwork To Blueprint

SPEAKER_01 0:00

I have to be honest with you. When you first handed me this uh this stack of papers, I really thought you were playing a prank on me.

SPEAKER_00 0:07

I get that a lot, actually.

SPEAKER_01 0:08

I mean, I'm looking at a performance work statement from the Department of the Navy. It's dated February 19th, 2026, and it is just thick.

SPEAKER_00 0:18

Very thick.

SPEAKER_01 0:19

Dense and full of the kind of acronyms that usually just make my eyes glaze over instantly. It looks like a receipt for the world's most boring office supply purchase.

SPEAKER_00 0:29

Aaron Ross Powell Right. But you know I insisted that buried in there is You called it a revolution. It absolutely is a revolution. And look, I know it looks like dry bureaucracy. You've got the standard government font, the legal warnings, all the works.

SPEAKER_01 0:41

Yeah, it's not exactly a beach read.

SPEAKER_00 0:43

No, definitely not. But if you actually read the lines and read between the lines, this isn't just a receipt, it's a blueprint. Aaron Powell Okay.

SPEAKER_01 0:49

A blueprint for what exactly?

SPEAKER_00 0:51

Trevor Burrus We are looking at the architectural drawings for how the U.S. Navy plans to operate its entire digital brain for the next five to seven years.

SPEAKER_01 0:57

Aaron Powell That is a massive claim. Because we aren't just talking about upgrading to Windows 12 here, are we?

SPEAKER_00 1:02

No, no. We are talking about a fundamental shift in how the military handles information. This document covers everything from the unclassified email a sailor sends to their mom all the way up to the targeting data on a destroyer. Wow. And even the top secret nuclear propulsion schematics for a submarine. And the Navy is admitting right here in the text that the old way of doing things is completely over.

SPEAKER_01 1:26

Aaron Ross Powell By old way you mean the servers and basements and isolated networks and all that.

SPEAKER_00 1:30

Exactly. The heavy iron. They are moving to the cloud.

SPEAKER_01 1:33

Okay, so the cloud, we hear that term constantly, but for the Navy, that feels, I don't know, a little scary.

SPEAKER_00 1:40

It's a huge leap.

SPEAKER_01 1:41

I mean, if you or I put our photos in the cloud and we get hacked, we lose some vacation picks. If the Navy gets hacked, well, that's a very different Tuesday.

SPEAKER_00 1:49

Aaron Powell That is exactly the tension this document is trying to resolve. It's technically a sources sought notice combined with a work statement.

SPEAKER_01 1:56

So it's basically a help-wanted ad.

SPEAKER_00 1:58

Precisely. The Navy is putting out a call saying we need a massive team of experts to manage our transition to a zero trust cloud architecture.

SPEAKER_01 2:06

Aaron Powell And this is for a specific time frame, right?

SPEAKER_00 2:10

Yes. They need this digital brain to be run by this partner from 2027 all the way through 2032.

SPEAKER_01 2:17

Aaron Powell Let's dig into that phrase you just used. Zero trust. I saw that plastered all over the document. It sounds incredibly paranoid. Like we literally don't trust anyone. Is that the actual official policy now?

SPEAKER_00 2:29

It's not just paranoia, it's a survival strategy. Think about how network security used to work. It was essentially like a medieval castle.

SPEAKER_01 2:37

Okay, I like this analogy.

SPEAKER_00 2:38

You had a moat and a drawbridge. That was your firewall and your password. Right. Once you crossed the drawbridge and got inside the castle, the system just assumed you were a good guy. You could roam the halls, open doors, look in the pantry.

SPEAKER_01 2:48

Right, because I have the badge. Yeah. I'm an insider, so I'm safe.

SPEAKER_00 2:51

Exactly. But zero trust assumes the castle has already been breached.

SPEAKER_01 2:55

Oh wow.

SPEAKER_00 2:56

It assumes there are spies in the kitchen and saboteurs in the library. So under this model, even if you are inside the castle, every single time you try to open a door, a guard stops you and asks to see your ID again.

SPEAKER_01 3:08

Aaron Ross Powell That sounds completely exhausting for the user.

SPEAKER_00 3:11

It creates a lot of friction, yes. But looking at the modern threats the Navy faces today, state-sponsored hackers and insider threats and all that. Right. They have to assume the network is hostile territory, even on the inside. The document explicitly says the architecture must support robust authentication, device hardening, and the reduction of the overall attack surface.

SPEAKER_01 3:33

So it's verifying every user, every device, every single request.

SPEAKER_00 3:38

Constantly.

SPEAKER_01 3:38

So if I'm a sailor on a ship and I want to open a standard file, the system is basically interrogating me in the background.

SPEAKER_00 3:45

Yes, all the time. It doesn't trust you just because you logged in this morning.

IL5 To IL6 In Commercial Clouds

SPEAKER_01 3:49

I want to get into the specific impact levels because that part of the deep dive really surprised me. The document mentions transitioning from legacy systems to things called flank speed and nautilus.

SPEAKER_00 4:01

Right. Flank speed is their cloud infrastructure, and Nautilus is the endpoint management.

SPEAKER_01 4:05

Got it. And within that, there's this jargon about IL5 and IL six. I'm guessing those aren't IL numbers in a warehouse.

SPEAKER_00 4:11

Yeah. No, those are Department of Defense classifications for data sensitivity. And this is where the rubber meets the road for that cloud fear you brought up earlier.

SPEAKER_01 4:19

Okay, break that down first.

SPEAKER_00 4:20

IL five is for controlled unclassified information. CUI. Think personnel records, financial data, internal memos. Trevor Burrus, Jr.

SPEAKER_01 4:29

Things that aren't top secret, but you definitely don't want them posted on Wikipedia. Trevor Burrus, Jr.

SPEAKER_00 4:33

Exactly. Standard sensitive stuff. But IL six, that is the secret level.

SPEAKER_01 4:38

Okay, this is the big stuff.

SPEAKER_00 4:39

The document says this environment is for information that, if compromised, could pose serious damage to national security interests. Trevor Burrus, Jr.

SPEAKER_01 4:46

Like operational plans.

SPEAKER_00 4:48

Operational plans, intelligence reports, and yes, that nuclear propulsion info. And the Navy is moving all of this data into a commercial cloud environment.

SPEAKER_01 4:56

Aaron Powell Wait, hold on a second. Commercial cloud? You mean like Microsoft or Amazon?

SPEAKER_00 5:00

Precisely.

SPEAKER_01 5:01

That seems wild to me. The primary platform mentioned is Microsoft Azure, right?

SPEAKER_00 5:05

Yes. Azure is the primary, but the contract explicitly demands a multi-cloud approach. It specifically lists Amazon Web Services, Google Cloud, and Oracle.

SPEAKER_01 5:15

Aaron Powell So they need the contractor to be cloud agnostic.

SPEAKER_00 5:18

Exactly. They have to be able to bounce between them.

SPEAKER_01 5:20

Aaron Powell But again, we are putting national secrets on the same corporate infrastructure that hosts, I don't know, a startups food delivery app.

SPEAKER_00 5:27

It's a highly segregated, highly secured version of that infrastructure. But fundamentally, yes, that's the reality now.

SPEAKER_01 5:34

Why not just build their own massive Navy server farm?

SPEAKER_00 5:37

Because the Navy realizes it cannot build better servers than Amazon or Microsoft. The tech giants have the scale and the massive RD budgets.

SPEAKER_01 5:47

So the Navy is pivoting to using that scale but wrapping it in the zero trust armor we talked about.

SPEAKER_00 5:53

Aaron Powell That's a great way to put it. They are renting the hardware, but they're bringing their own incredibly heavy locks.

Electronic Spillage And Digital Hazmat

SPEAKER_01 5:58

Aaron Powell Let's talk about the people who actually have to manage those locks. Because I was scrolling through section five, the scope of work, and I looked at the personnel requirements.

SPEAKER_00 6:06

It's a very specific list.

SPEAKER_01 6:07

Yeah, there's a list of 16 specific job titles. And some of them sound like standard IT, you know, system administrator, project manager, too.

SPEAKER_00 6:16

Yeah.

SPEAKER_01 6:16

But then I saw electronic spillage.

SPEAKER_00 6:18

Uh yes, section five point six point five.

SPEAKER_01 6:21

Electronic spillage. It sounds like someone knocked over a latte on a server rack. But reading the description has sounded way more intense than that.

SPEAKER_00 6:28

It is a terrifying term if you work in defense. Spillage isn't liquid, it's data.

SPEAKER_01 6:34

So what exactly is spilling?

SPEAKER_00 6:36

It's what happens when classified information accidentally spills onto an unclassified network.

SPEAKER_01 6:40

How does that even happen in a secure environment?

SPEAKER_00 6:43

Human error usually. Imagine you're an intelligence analyst, you're rushing to get a report out to your commander, you have a secret document open on one screen, and you accidentally drag and drop a paragraph from it into an email on the unclassified network. Or you plug a secret hard drive into an unclassified laptop.

SPEAKER_01 7:01

Click.

SPEAKER_00 7:02

Yeah.

SPEAKER_01 7:02

Done. And now it's out there on the wrong network.

SPEAKER_00 7:05

And instantly you have a massive crisis. You have effectively contaminated the unclassified network with a virus of secret information.

SPEAKER_01 7:13

Because if that email auto-syncs to the commercial cloud.

SPEAKER_00 7:16

It's spreading. If someone forwards it, it's spreading.

SPEAKER_01 7:18

So what does this contractor actually do? The document says they have to execute containment, remediation, and reporting.

SPEAKER_00 7:25

Think of it like a digital hazmat team. The spillage team has to immediately isolate the affected systems. They might literally have to cut network connections.

SPEAKER_01 7:36

Just pull the plug.

SPEAKER_00 7:37

Sometimes, yes. Then comes remediation, which is the scrubbing. They have to go into the hard drives and digitally shred that file so it is completely unrecoverable.

SPEAKER_01 7:46

And if they can't be sure they got it all.

SPEAKER_00 7:48

Sometimes they have to physically destroy the hardware.

SPEAKER_01 7:51

They literally smash the computer.

SPEAKER_00 7:52

If necessary, yes. They melt it down. And then comes the reporting, which is basically a forensic autopsy of who made the mistake and how to stop it from ever happening again.

SPEAKER_01 8:02

Aaron Powell That puts a whole new spin on IT support. It's not just have you tried turning it off and on again. It's step away from the keyboard and put your hands where I can see them.

SPEAKER_00 8:11

Basically. And look at the clearance levels required for these jobs.

SPEAKER_01 8:14

Yeah, I noticed that. The project manager too needs to manage over 30 people and they need a secret clearance.

SPEAKER_00 8:20

Right. But look at position number three, the conditional access policy administrator.

SPEAKER_01 8:25

I saw that one. Top secret clearance required. Tier five investigation.

SPEAKER_00 8:30

Because that person holds the keys to the kingdom. They are the ones actually configuring those zero trust policies. They decide who gets in and who gets blocked.

SPEAKER_01 8:39

So if a bad actor got that specific job.

SPEAKER_00 8:42

They could either lock the Navy entirely out of its own ships or just let the enemy walk right in the front door.

SPEAKER_01 8:48

It's literally the God mode of the network.

SPEAKER_00 8:50

Exactly. That's why the vetting for these roles is so extreme. You also have roles like the e-discovery administrator handling FOIA requests and capstone requirements.

SPEAKER_01 8:59

Basically the legal archivists of the cloud.

Clearances And God‑Mode Policies

SPEAKER_00 9:02

Right. They have to find needles in a massive digital haystack when the lawyers come calling. Yes. But then it talks about Oconis and afloat.

SPEAKER_01 9:22

Aaron Powell Right. Outside the continental U.S. and afloat, which means ships at sea.

SPEAKER_00 9:27

Aaron Ross Powell Ships, submarines, aircraft carriers, and this is honestly the hardest challenge in the entire contract.

SPEAKER_01 9:33

Why is that?

SPEAKER_00 9:34

Because connecting an office building in Virginia to the cloud is easy. You have fiber optic cables in the ground. But how do you connect a destroyer in the middle of the North Atlantic that's pitching in 20-foot ways to that same exact cloud?

SPEAKER_01 9:47

I assume satellites.

SPEAKER_00 9:49

Satellites, yes. But satellites move in orbit. The ship moves in the water, the weather interferes. The document gets very specific here about SD1.

SPEAKER_01 9:58

Software-defined wide area network.

SPEAKER_00 10:00

Right. And it lists specific metrics they have to track, like latency, jitter, and throughput.

SPEAKER_01 10:06

Aaron Powell Okay, I know jitter from gaming. If my internet jitter is high, my character teleports around the screen and I lose the match.

SPEAKER_00 10:13

Now imagine that instead of a video game, it's a missile defense system. Or a real-time tactical map of a combat zone.

SPEAKER_01 10:20

Oh. That is terrifying.

SPEAKER_00 10:22

If the jitter is too high, meaning the data packets are arriving at irregular intervals, the information essentially becomes garbage. You cannot have a commander looking at a screen that is five seconds behind reality because of lag.

SPEAKER_01 10:33

Aaron Powell So the contractor isn't just managing server space. They are fighting the actual physics of the connection.

SPEAKER_00 10:40

Exactly. They have to optimize that traffic on the fly so that the most critical data, the shoot command, gets through instantly, even if the connection is terrible.

SPEAKER_01 10:48

Aaron Ross Powell While maybe pausing the less important stuff like routine emails.

SPEAKER_00 10:52

Exactly. Prioritization is everything.

SPEAKER_01 10:54

Aaron Powell That really explains the mission essential clause I found in section 14.0. It was pretty dramatic for a contract. It listed hurricanes, snowstorms, tornadoes, and man-made disasters.

SPEAKER_00 11:05

Right.

SPEAKER_01 11:06

It effectively said, we don't care if the world is ending outside, the wash floor must be staffed.

Afloat Connectivity, SD‑WAN, And Jitter

SPEAKER_00 11:12

At least 25% manning minimum at all times. The network simply cannot go down. Even if that building in Suffolk is completely surrounded by flood waters, someone has to be in that chair.

SPEAKER_01 11:23

It really underscores the stakes here. This isn't corporate IT where if the system goes down on Sunday, you just fix it Monday morning over coffee.

SPEAKER_00 11:30

No. If this network goes down, ships lose their eyes and ears. They become isolated targets.

SPEAKER_01 11:35

It's life or death IT.

SPEAKER_00 11:36

It literally is.

SPEAKER_01 11:37

There was one detail in the government furnished equipment section, section 6.3, that honestly made me chuckle at first, but then I realized how serious it was. The government provides the desk, the chair, the computers, but it explicitly says no cellular phones.

SPEAKER_00 11:53

Zero. None allowed.

SPEAKER_01 11:55

And absolutely no connecting personal devices to the Navy Marine Corps internet, the NMCI.

SPEAKER_00 12:02

This goes back to the SEF culture, the sensitive compartmented information facility.

SPEAKER_01 12:07

Right, the secure rooms.

SPEAKER_00 12:08

You cannot bring a listening device, which is exactly what a smartphone is, into a room where top secret operations are happening. And you certainly cannot plug your personal iPhone into a Navy computer just to charge your battery. Oh, that happens all the time in the civilian corporate world. But in this environment, that is a massive security breach. Trevor Burrus, Jr.

SPEAKER_01 12:27

Because an unverified device is a threat vector under zero trust.

SPEAKER_00 12:30

Exactly. The phone could be compromised. It could be siphoning data over a cellular network right past the firewall.

SPEAKER_01 12:37

So imagine the culture shock for a young recruit or a fresh contractor straight out of college. You walk into work and you have to leave your digital limb, your phone, in a lockbox outside.

SPEAKER_00 12:47

You are completely disconnected from your personal life for eight, ten, maybe twelve hours a shift.

SPEAKER_01 12:53

Talk about withdrawal, but it makes sense. If you are fighting for absolute zero trust, you cannot trust an iPhone.

SPEAKER_00 13:00

Not even a little bit.

SPEAKER_01 13:31

So we're talking about boring AI.

SPEAKER_00 13:32

Aaron Powell, I prefer vital AI. Think back to that electronic spillage problem or the network jitter on the ship in the storm. A human administrator cannot physically watch every single data packet flow across a global network 24-7. But an AI can. It can learn what normal traffic looks like.

SPEAKER_01 13:50

And then it spots the anomaly.

SPEAKER_00 13:52

Right. If suddenly a printer in Guam starts trying to download a terabyte of classified data from a server in London at three in the morning, the AI spots that pattern instantly and flags it as an attack.

SPEAKER_01 14:05

Aaron Powell So it's automated defense.

SPEAKER_00 14:06

Yes. It's about modernizing their cybersecurity posture so they can roll out updates as fast as a tech startup. Feature rollouts are explicitly mentioned in section 5.3.7.

SPEAKER_01 14:17

Aaron Ross Powell That connects to another term I saw in there, HCI or hyper-converged infrastructure. The document talks about bringing cloud computing to the edge.

Mission Essential Operations Under Crisis

SPEAKER_00 14:24

Aaron Powell The Edge is the ship or the marine unit out in the field. HCI is fascinating. It is basically shrinking a massive data center down into a ruggedized box that you can carry or bolt into a submarine.

SPEAKER_01 14:36

Aaron Powell So it's a mini cloud?

SPEAKER_00 14:37

Ideally, yes. The goal is to give that ship its own local cloud computing capabilities.

SPEAKER_01 14:42

Aaron Powell So let's say the satellite link does go down. The ship is completely cut off from the main cloud back in Virginia.

SPEAKER_00 14:47

With HCI, the ship can still process its own data. It can run its local AI models and continue to fight the ship locally.

SPEAKER_01 14:55

It doesn't just turn into a floating brick because the internet is out.

SPEAKER_00 14:58

Exactly. It creates massive resiliency. And then when the satellite reconnects, it just sinks all the data back up with the mothership.

SPEAKER_01 15:05

This all sounds incredibly expensive and complex. We have been talking mostly about the performance work statement, but there was that second document, the sources sought.

SPEAKER_00 15:15

Right.

SPEAKER_01 15:15

This implies they haven't actually picked a winner for this contract yet.

SPEAKER_00 15:18

No, they haven't. And that is a critical point for anyone following the space. The sources sought notice is market research under NAICS CUNG 518210.

SPEAKER_01 15:28

Market research. So the Navy is just asking, does a company actually exist that can pull all of this off?

SPEAKER_00 15:33

It's a reality check. They are looking for companies with a top secret facility clearance who can handle everything from the old legacy hardware to this cutting-edge multi-cloud AI environment.

SPEAKER_01 15:45

And they have deliverables too, right? It's not just doing the tech work.

SPEAKER_00 15:48

Oh, the bureaucracy is heavy. The contractor has to submit trip reports, monthly financial reports, maintain a massive configuration management database or CMDB.

SPEAKER_01 15:58

They're asking small businesses and massive defense primes to respond by March 5th, 2026.

SPEAKER_00 16:04

That is a very tight turnaround.

SPEAKER_01 16:06

It is. It suggests the Navy is in a real hurry. They need this transition to happen right now.

SPEAKER_00 16:10

Well, the contract has a base period of five years starting February 25th, 2027, with a possible six-month extension.

No Phones And Culture Shock

SPEAKER_01 16:17

That gives them less their year to vet all these massive companies, award a multi-million or billion-dollar contract, and get this highly cleared team in place.

SPEAKER_00 16:26

It feels like a massive pivot. We are essentially watching a giant ship trying to turn on a dime.

SPEAKER_01 16:31

And that brings up the biggest risk in my mind when looking at all these documents. It's not really the technology. We have the commercial cloud, we have the AI models, we have zero trust software ready to go.

SPEAKER_00 16:41

What's the real risk then?

SPEAKER_01 16:42

I think it's the people, the human element in all of this. Think about all that friction we talked about with the Zero Trust Castle analogy. Zero trust inherently slows you down. It challenges you. It requires strict discipline.

SPEAKER_00 16:55

No cell phones, constant verification, hardware lockouts.

SPEAKER_01 16:59

Right. And you are rolling this out to a massive global organization that is very used to doing things a certain way. You can't just patch a human brain like you patch a server.

SPEAKER_00 17:10

That is a profound point. The PWS actually mentions retraining of personnel is a massive part of this transformation. And honestly, that might be the absolute hardest task in this entire stack of papers. Because if you don't get buy-in, you have to convince thousands of sailors and contractors that the annoyance of this new security system is actually their shield.

SPEAKER_01 17:31

If the culture doesn't embrace zero trust, the users will just find workarounds.

SPEAKER_00 17:36

Human nature.

SPEAKER_01 17:45

And then the drawbridge to the castle is wide open again.

SPEAKER_00 17:47

And then the castle is open.

SPEAKER_01 17:49

That is a sobering thought to leave you all with. In a world where the Navy assumes no one is safe until verified, and data is constantly flowing between commercial clouds and ships at sea, maybe the biggest challenge isn't writing the software. It's rewriting the mindset.

SPEAKER_00 18:06

It almost always is.

SPEAKER_01 18:08

Well, this has been a truly fascinating look into a stack of papers I would have normally used to level a wobbly table. It turns out the entire future of naval warfare is hiding in plain sight in this standard performance work statement.

SPEAKER_00 18:22

It usually is hiding in the paperwork if you know where to look.

Vital AI And Edge HCI Resilience

SPEAKER_01 18:25

Thanks for guiding us through the nuts and bolts of it. And to everyone listening, thanks for taking the deep dive with us. Next time you complain about your Office two factor authentication code taking too long to arrive on your phone, just remember at least you aren't trying to download it on a destroyer in the middle of a hurricane. We will catch you on the next one.