Federal agencies are under pressure to deploy cost-effective IT systems quickly, and cloud computing is one of the solutions favored by the Obama Administration. Yet, would-be cloud users in government will have to navigate a thicket of security requirements and other guidelines, warns one expert.
Federal agencies are under pressure to deploy cost-effective IT systems quickly, and cloud computing is one of the solutions favored by the Obama Administration. Yet, would-be cloud users in government will have to navigate a thicket of security requirements and other guidelines, warns one expert.In a slide presentation shared with attendees at a cloud interoperability workshop yesterday in Arlington, Va., John Curran, CTO and COO of ServerVault, tackled the question of what cloud vendors could do to let federal agencies use cloud services while complying with federal IT policies. "For many agency applications, stringent compliance requirements in areas such as privacy, financial controls, and health information will preclude use of public clouds, regardless of the actual security controls of the provider," he says.
Curran outlines a handful of existing regulations originally designed for outsourced IT that he says also apply to cloud computing. They include FISMA section 3544b, the OMB M-08-21, and FIPS publication 199 and 200. You can get more detail on those requirements from Curran's downloadable presentation here.
According to Curran, the "Federal CIO's dilemma" is that cloud computing, in some respects, represents a newer, better approach to IT, but issues around security, compliance, and interoperability are yet to be resolved. He presents a to-do list to get the cloud computing industry from here to there. It includes technical standards for interoperability, to support data and applications portability across public clouds, as well as between public clouds and "private" government cloud environments.
As a managed service provider to government agencies, ServerVault has already cleared the hurdle on some of the strict facility, personnel, and process requirements of providing IT services to Uncle Sam. I asked Curran whether federal agencies would tap into cloud services from general purpose cloud providers such as Amazon and Google. "That's the big question," he said.
The most likely scenario, he said, is that federal agencies would use commercial cloud services for unclassified, "low impact" data and applications--those in which any data loss would have minimal adverse effect--and not for data or applications more sensitive in nature.
2014 Next-Gen WAN SurveyWhile 68% say demand for WAN bandwidth will increase, just 15% are in the process of bringing new services or more capacity online now. For 26%, cost is the problem. Enter vendors from Aryaka to Cisco to Pertino, all looking to use cloud to transform how IT delivers wide-area connectivity.
Server Market SplitsvilleJust because the server market's in the doldrums doesn't mean innovation has ceased. Far from it -- server technology is enjoying the biggest renaissance since the dawn of x86 systems. But the primary driver is now service providers, not enterprises.
Join us for a roundup of the top stories on InformationWeek.com for the week of December 14, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program.