In Washington on Thursday, government officials held a hearing to examining the benefits and risks of the federal government’s transition to cloud computing.

The hearing, held by the House Committee on Oversight and Government Reform and the Subcommittee on Government Management, Organization, and Procurement, featured federal CIO Vivek Kundra and other government IT leaders, Carnegie Mellon University professor Gregory Ganger, and representatives from EMC, Google, Microsoft, and Salesforce.com.

To hear Google tell it, cloud computing is mostly a good thing. Mike Bradshaw, director of Google's federal government group, said that cloud computing can improve security, save tax dollars, and improve efficiency and collaboration.

"Agencies face significant challenges with lost or stolen laptops that contain sensitive data," he said in prepared testimony. "The cloud enhances security by enabling data to be stored centrally with continuous and automated network analysis and protection."

Scott Charney, president of Microsoft's trustworthy computing group, also had nice things to say about cloud computing, but he was more careful about talking up the security benefits.

"Cloud computing in its many forms creates tremendous new opportunities for cost savings, flexibility, scalability and improved computing performance for government, enterprises and citizens," he said in a summary of his remarks. "At the same time, it presents new security, privacy and reliability challenges, which raise questions about functional responsibility (who must maintain controls) and legal accountability (who is legally accountable if those controls fail)."

As described by Charney, security is a shared responsibility that cloud providers and government clients need to address, through the communication of requirements and transparency about the utility of controls put in place to meet those requirements.

The Government Accounting Office, in a report released on Thursday, offers perhaps the most realistic assessment of cloud computing. "Cloud computing can both increase and decrease the security of information systems in federal agencies," the GAO concludes, noting that 22 out of 24 major federal agencies are either concerned or very concerned about potential information security risks associated with cloud computing.

Cloud computing may be inevitable in government IT, but Google, Microsoft and the rest of the vendor community aren't done selling the idea.

Once your agency has completed the business case for deploying a private cloud, how do you actually move ahead with your data center transformation? In this InformationWeek Government Webcast, we'll explore steps to get you there. It happens Aug. 11. Register now.