Cloud security fears exaggerated, says federal CIO

Says fear amplified because it preserves the status quo

WASHINGTON - The U.S. Department of Homeland Security (DHS) is not afraid of the public cloud.

Indeed, this agency is vetting cloud providers to host the public websites of the U.S. Citizenship and Immigration Service, as well as the Federal Emergency Management Agency, according to its CIO, Richard Spires. And the department's use of the public cloud providers is likely to grow, he said.

Spires believes public cloud vendors are on a path to handle more sensitive government information, particularly after the U.S. completes development of a planned security certification system for this industry.

"I am a believer that we are going to, over the next few years, really solve a lot of the cybersecurity concerns that we have with cloud-based services," said Spires.

Vivek Kundra, the federal CIO , has made cloud adoption a priority for federal agencies. But the agencies moving in this direction seem enthusiastic about it as well, and not simply because the president's top IT appointee thinks it's a good idea.

But Kundra also believes that cloud security issues have been used to discourage cloud adoption. "I think there's been an exaggeration," Kundra said.

Doubts about cloud security were expressed by some U.S. lawmakers at a recent hearing by the U.S. House Oversight and Government Reform Committee.

"A lot of people are sort of driving this notion of fear around security ," Kundra said. "And the reason I think that's been amplified, frankly, is because it preserves the status quo."

Kundra, along with some federal CIOs, was at a forum at the U.S. Capitol Wednesday that he organized along with Sen. Tom Carper (D-Del.), on cloud adoption by the government. Sen. Scott Brown (R-Mass.), was also a speaker. "The federal government, for some crazy reasons, has tried to treat every IT system like it is a national security system," Kundra said.

The federal Recovery.gov site is being hosted on Amazon's EC2 cloud, said Kundra. "That's public data -- there's no reason to build a fortress around that and treat it like it's a CIA or NSA system," he said.

One of the reasons Kundra has been advocating cloud adoption is because it increases competition, something Spires sees as well. "I think when the government locks itself into one or just a couple of vendors for long periods of time we end up getting very inefficient services," Spires said.

The U.S. Deptartment of Agriculture (USDA) is about two months away from completing its move of 120,000 users to a Microsoft hosted email and collaboration platform. The USDA had been running 27 separate email systems and expects to save $6 million annually with this change.

By moving from in-house systems to a cloud provider for its email, Chris Smith, the USDA's CIO, said the department wasn't locking itself in to Microsoft's cloud. In developing its acquisition, the department ensured that data portability was built into it, he said.

Federal agencies that are considering public cloud, such as the DHS, are using the U.S. General Services Agency's infrastructure as a service contract to compare vendors. This is a pre-approved list of about a dozen vendors that includes Amazon, Microsoft, and Verizon, among others that meet U.S. government requirements.

Kundra, who is leaving his post next month, also reiterated his criticism that government contracts are being won by vendors who understand the procurement process "better than the technology they are deploying."

He has said that this has led to something akin to an " IT cartel " in the federal government.

To help open the government to smaller IT business, Kundra cited a number of steps, including Apps.gov, a platform that allows small companies to display their products. "It gave a small start-up the same chance to engage with the federal government that a tech titan has," he said.

The government has been bringing in venture-backed firms to present before government CIOs as well, said Kundra. The U.S. also has a rule to pull funding from any IT project that isn't delivering value six months from implementation, Kundra said.

Patrick Thibodeau covers SaaS and enterprise applications, outsourcing, government IT policies, data centers and IT workforce issues for Computerworld. Follow Patrick on Twitter at @DCgov or subscribe to Patrick's RSS feed . His e-mail address is pthibodeau@computerworld.com .

Read more about cloud computing in Computerworld's Cloud Computing Topic Center.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Patrick Thibodeau

Computerworld (US)
Topics: Government use of IT, IT in Government, U.S. Department of Homeland Security, internet, cloud computing, government
Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Resources

Best Deals on GoodGearGuide

Compare & Save

Deals powered by WhistleOut
Use WhistleOut's technology to compare:
Mobile phone plans & deals
Mobile phone models
Mobile phone carriers
Broadband plans & deals
Broadband providers
Deals powered by WhistleOut
WhistleOut

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?