Google has already been approved as a FedRAMP launch vendor, and now has submitted its final materials to certify its government-specific cloud.
Google has submitted final materials to get its cloud computing services certified for use by federal agencies, and is nearing release of its government-specific cloud, a top Google executive said Wednesday.
While Google Enterprise president Dave Girouard admitted in an interview after his keynote at the Gov 2.0 Expo in Washington, D.C., that the process had taken longer than some may have anticipated -- Google announced its government cloud computing plans last September -- he said that conversations with potential customers are already underway.
Among the government customers Google already has for Google Apps are the city of Los Angeles and Lawrence Berkeley National Laboratory. However, Google remains locked in a battle for customers with other providers like Microsoft, as shown by the fact that the University of Arizona, a Google Apps customer, recently signed a deal to become a customer of Microsoft's Business Productivity Online Suite.
In the federal sector, more than 100 federal agencies are already customers of Google's other products, including Google Earth, Google Maps, and Google Enterprise Search. Those relationships provide Google, which has been steadily building its federal presence with offices in Washington, D.C., and Reston, Va. under the watch of former Microsoft federal executive Mike Bradshaw, with the contacts necessary to develop business in the federal sector once Google completes its federal certifications and launches its government cloud.
"We have a lot of state and local interest, and, increasingly, with FISMA certification arriving soon, think we have an opportunity with the federal sector," Girouard said, referring to the security requirements of the Federal Information Security Management Act, which govern federal cybersecurity.
Google is one of the launch vendors for FedRAMP, a forthcoming federal government process that will enable cloud computing vendors to certify their services once for federal use, and then have those certifications able to be leveraged by multiple agencies who want to use those services. The current process is to do everything agency by agency.
The FedRAMP process could decrease one of the primary concerns vendors have had about getting into the federal space, that of inconsistent security requirements across government. "Expectations about the cloud have to be a little different," he said. "Although we have tried to make our services as flexible as possible in terms of the ability to set policies, we can't have different settings for everything for everyone -- it would fundamentally break the cloud."
However, Girouard said that in addressing the federal government's unique cybersecurity demands, the majority of Google's work thus far has centered around documenting, clarifying, and explaining Google's security rather than re-inventing or changing its security posture.
Still, one of the persistent concerns about Google has been its commitment to enterprise security, and the well-publicized recent hacking attempts on Google have done little to ameliorate those concerns. "We are going to be first and best in cloud security," Girouard said, noting features like forced SSL encryption in the government cloud offerings.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.