Cloud Security Fears Exaggerated, says Federal CIO

The U.S. Department of Homeland Security (DHS) is not afraid of the public cloud.

The agency is vetting cloud providers to host the public websites of the U.S. Citizenship and Immigration Service, as well as the Federal Emergency Management Agency, according to its CIO, Richard Spires. And the department's use of the public cloud providers is likely to grow, says a ComputerWorld article.

Spires believes public cloud vendors are on a path to handle more sensitive government information, particularly after the U.S. completes development of a planned security certification system for this industry. "I am a believer that we are going to, over the next few years, really solve a lot of the cybersecurity concerns that we have with cloud-based services," said Spires in the article.

Vivek Kundra, the federal CIO, has made cloud adoption a priority for federal agencies. But the agencies moving in this direction seem enthusiastic about it as well, and not simply because the president's top IT appointee thinks it's a good idea, says the article.

But Kundra also believes that cloud security issues have been used to discourage cloud adoption. "I think there's been an exaggeration," Kundra said in the article.

One of the reasons Kundra has been advocating cloud adoption is because it increases competition, something Spires sees as well. "I think when the government locks itself into one or just a couple of vendors for long periods of time we end up getting very inefficient services," Spires said in the article.

The U.S. Deptartment of Agriculture (USDA) is about two months away from completing its move of 120,000 users to a Microsoft hosted email and collaboration platform, says the article. The USDA had been running 27 separate email systems and expects to save $6 million annually with this change.

Federal agencies that are considering public cloud, such as the DHS, are using the U.S. General Services Agency's infrastructure as a service contract to compare vendors, the article says. The pre-approved list of about a dozen vendors includes Amazon, Microsoft, and Verizon and others that meet U.S. government requirements. In a number of cases, these cloud providers have submitted joint offerings with government-specific contractors.

Kundra, who is leaving his post next month, also reiterated his criticism that government contracts are being won by vendors who understand the procurement process "better than the technology they are deploying." To help open the government to smaller IT business, Kundra cited a number of steps, including Apps.gov, a platform that allows small companies to display their products. "It gave a small start-up the same chance to engage with the federal government that a tech titan has," he said.

The government has been bringing in venture-backed firms to present before government CIOs as well, said Kundra. The U.S. also has a rule to pull funding from any IT project that isn't delivering value six months from implementation, Kundra said. (http://www.computerworld.com/s/article/9218702/Cloud_security_fears_exaggerated_says_federal_CIO?taxonomyId=158&pageNumber=1)

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.