Government shouldn’t be averse to being in the cloud
Posted by Kent Welch - Director, Product Management on Fri, Aug 26, 2011
Vivek Kundra wants the federal government in the clouds. The White House’s chief information officer predicts that cloud computing could save the federal government at least $3 billion a year, so before stepping down after two-and-a-half years on the job he gave all federal agencies under the White House’s purview a firm push in that direction. Kundra directed all new federal technology programs to consider cloud computing, and that every department had to change over three existing programs from conventional to cloud-based infrastructures.
But agencies that deal with sensitive information – notably the State and Defense departments – aren’t too keen on the idea, according to a New York Times report this week. They aren’t convinced the cloud is secure enough, especially in light of cyber-attacks against high-security government contractors like defense giants Lockheed Martin and Boeing and the Pentagon itself.
The heads of government agencies are right to be concerned with security, but that concern shouldn’t prevent government computing and data storage to go to the cloud. Its cost and efficiency advantages over conventional IT infrastructures are too persuasive to ignore. As bombastic as some publicized security breaches are, none of them were caused by cloud infrastructures. Even locking down internally housed data doesn’t prevent attacks and data loss, so the cloud doesn’t add to the overall risk to data from internal and external attacks. Knowing and managing risks and taking advantage of the industry’s best experience to secure data and efficiently manage information systems beats a hunkered-down, fear-based bunker mentality.
The cloud’s potential for reducing the government’s IT costs are obvious. Sprawling federal departments with operations across the country and the world can use the cloud to tie their IT operations together at a fraction of conventional IT costs. Instead of creating new server and network environments for each new project, departments can connect them to shared resources over the Internet that can expand or contract in response to demand. The ability to access data and applications from any site with an Internet connection also makes federal workers more flexible and productive.
This isn’t speculation, it’s fact. Companies in every industry are using cloud infrastructures to curb IT sprawl. Sensitive information – financial data, medical records, Social Security numbers – already exists in the cloud. Much of the Fortune 500 and a larger percentage of medium-sized and small companies entrust sales data and customer information to Salesforce.com, arguably the world’s most successful cloud-based company. Large-scale security breaches occasionally make the news, but they’re news because they’re rare. Risk is a part of doing business – and governing – in the Information Age. With effective access risk management strategies based on policies and processes that encompass cloud, mobile and on-premise information systems, the risk is more reasonable and potentially more lucrative.