Cloud
Commentary
12/10/2010
01:59 PM
John Foley
John Foley
Commentary
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Where's Government Data In The Cloud?

Amid the Obama administration's 'cloud first' strategy, federal agencies face the prospect of seeing their data go offshore. There's a lesson to be learned from WikiLeaks.

Top 20 Government Cloud Service Providers
(click image for larger view)
Slideshow: Top 20 Government Cloud Service Providers

The U.S. government has adopted a "cloud first" strategy -- a policy baked into the Office of Management and Budget’s new IT reform plan -- and federal IT pros are mulling how to get started. They might begin with this question: Where exactly will my agency’s data be stored in the cloud?

Cloud computing is a borderless concept, where workloads are distributed across global data centers, yielding the benefits of scale, efficiency, and resilience. Theoretically, you shouldn't have to worry about the physical location of virtual servers and storage because the cloud is engineered for optimal -performance.

But ignorance isn't bliss when it comes to data governance in the cloud. What you don't know about the whereabouts of your organization’s data can hurt you. The risks include security breaches, violations of U.S. laws and regulations, and even snooping by foreign governments.

Marsha McIntyre, an attorney with Hughes Hubbard & Reed who specializes in export control law, recently laid out a slew of issues associated with data that is subject to U.S. export controls, such as the International Traffic In Arms Regulations and the Export Administration Regulations. Those rules can apply to blueprints, drawings, models, specifications, photos, and plans, all of which are common in government offices. "Providing export-controlled data to a data center located outside the U.S. could be considered an export to the data center location, which could require export authorization," McIntyre wrote in a column for InformationWeek. Penalties for violating the law can reach $1 million and 20 years in prison.

Given OMB's top-down push for cloud computing adoption, you'd think it would have articulated a formal policy on where cloud data gets stored. So far, however, there is no such guidance, which could explain why two agencies -- the General Services Administration and the U.S. Department of Agriculture -- outlined different requirements in their pursuit of cloud services contracts.

GSA announced earlier this month that it has awarded a five-year, $6.7 million contract to Unisys, which will be working with Google to provide Google Apps to 17,000 GSA employees and contractors. The deal raised the ire of Microsoft, which called attention to the fact that GSA's request for proposals -- which originally specified that "data at rest" must reside within the United States -- had been modified to allow for the offshoring of its data.

Why the change? That's not clear, but the implication is that it was done to accommodate one of the cloud vendors bidding on the job, which went to Unisys-Google. When asked about it, GSA CIO Casey Coleman acknowledged that "GSA did not constrain the offerers geographically," but she emphasized that data security and compliance with federal regulations are of utmost importance, and that those are more a function of appropriate processes and procedures than location.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
2014 Next-Gen WAN Survey
2014 Next-Gen WAN Survey
While 68% say demand for WAN bandwidth will increase, just 15% are in the process of bringing new services or more capacity online now. For 26%, cost is the problem. Enter vendors from Aryaka to Cisco to Pertino, all looking to use cloud to transform how IT delivers wide-area connectivity.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Government Tech Digest Oct. 27, 2014
To meet obligations -- and avoid accusations of cover-up and incompetence -- federal agencies must get serious about digitizing records.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A roundup of the top stories and community news at InformationWeek.com.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.