Cloud
Commentary
3/24/2009
05:43 PM
John Foley
John Foley
Commentary
Connect Directly
LinkedIn
Twitter
Google+
RSS
E-Mail
50%
50%

Uncle Sam's Cloud Computing Dilemma

Federal agencies are under pressure to deploy cost-effective IT systems quickly, and cloud computing is one of the solutions favored by the Obama Administration. Yet, would-be cloud users in government will have to navigate a thicket of security requirements and other guidelines, warns one expert.

Federal agencies are under pressure to deploy cost-effective IT systems quickly, and cloud computing is one of the solutions favored by the Obama Administration. Yet, would-be cloud users in government will have to navigate a thicket of security requirements and other guidelines, warns one expert.In a slide presentation shared with attendees at a cloud interoperability workshop yesterday in Arlington, Va., John Curran, CTO and COO of ServerVault, tackled the question of what cloud vendors could do to let federal agencies use cloud services while complying with federal IT policies. "For many agency applications, stringent compliance requirements in areas such as privacy, financial controls, and health information will preclude use of public clouds, regardless of the actual security controls of the provider," he says.

Curran outlines a handful of existing regulations originally designed for outsourced IT that he says also apply to cloud computing. They include FISMA section 3544b, the OMB M-08-21, and FIPS publication 199 and 200. You can get more detail on those requirements from Curran's downloadable presentation here.

According to Curran, the "Federal CIO's dilemma" is that cloud computing, in some respects, represents a newer, better approach to IT, but issues around security, compliance, and interoperability are yet to be resolved. He presents a to-do list to get the cloud computing industry from here to there. It includes technical standards for interoperability, to support data and applications portability across public clouds, as well as between public clouds and "private" government cloud environments.

As a managed service provider to government agencies, ServerVault has already cleared the hurdle on some of the strict facility, personnel, and process requirements of providing IT services to Uncle Sam. I asked Curran whether federal agencies would tap into cloud services from general purpose cloud providers such as Amazon and Google. "That's the big question," he said.

The most likely scenario, he said, is that federal agencies would use commercial cloud services for unclassified, "low impact" data and applications--those in which any data loss would have minimal adverse effect--and not for data or applications more sensitive in nature.

Comment  | 
Print  | 
More Insights
2014 Next-Gen WAN Survey
2014 Next-Gen WAN Survey
While 68% say demand for WAN bandwidth will increase, just 15% are in the process of bringing new services or more capacity online now. For 26%, cost is the problem. Enter vendors from Aryaka to Cisco to Pertino, all looking to use cloud to transform how IT delivers wide-area connectivity.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest September 24, 2014
Start improving branch office support by tapping public and private cloud resources to boost performance, increase worker productivity, and cut costs.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.