When the cloud is a utility
Although government agencies are starting to take advantage of the cloud's scalability and potential for nearly loss-proof data storage, they must prepare to navigate the cloud’s pay-as-you-go utility model, in which service is purchased according to need.
The first step is changing agencies' mindset about the cloud.
With any system in the government space, the first consideration should always be security. In terms of IT, agencies sometimes become trapped in an "if it ain’t broke don’t fix it" mentality. This often stems from a fear of the unknown -- especially with cloud, which often usually means moving files and/or processes from a server in the next room to a data center potentially thousands of miles away.
While the transition can be complicated and risky, the concerns surrounding cloud security aren’t always based in reality. Yes, agencies should consider their risk tolerance. Yes, they should carefully determine which data and processes should be kept in the cloud. But the discussion shouldn’t be skewed by myths of the cloud as insecure, because that’s all they are: myths. Cloud providers have time and money to invest in security measures that federal agencies often can’t implement because of budgetary and regulatory constraints. Agencies get access to these benefits through the utility model, thus avoiding massive up-front costs.
Agencies may have reservations about cloud storage for sensitive information, and that’s understandable. Undoubtedly, some files are too sensitive for anything short of an air-gapped, on-site storage system. But this shouldn’t disqualify other data. After all, much of the government’s data is public domain and thus not subject to strict security measures.
With utility comes scalability
Federal agencies cope with a fair amount of cognitive dissonance, particularly in terms of technology. On one hand, there’s a demonstrated desire to evolve and innovate. In addition to stiff competition for talent from the private sector, federal IT also faces endless threats from hackers unencumbered by bureaucracy, regulations and barriers to innovation.
At the same time, however, agencies face all the challenges that hackers and private-sector teams do not -- and then some. Of course, nothing paralyzes growth and innovation more than fear of the unknown and the complacency it can cause. And there’s no sharper example of this than the mindset around cloud.
In our current reality, agencies are used to buying hardware in bulk and clinging to it until regulations or system failures force change. And while many agencies might hope to retain existing solutions while scaling up, the high costs of scaling an on-site system make such a scenario almost impossible. With the cloud utility model, however, IT managers can scale their subscription to match their agency’s growth.
Keeping up with IT’s shifting landscape requires agencies to adapt their approaches. Forcing pioneering technologies into outmoded processes and vice versa is a battle lost before it begins. To capitalize on new systems, agencies must consider ceding some degree of ground to the new guard. Instead of just repackaging old processes, we must consider how new technology can enhance an agency’s mission, be it through cost savings, efficiency, security or otherwise.
The IT landscape relentlessly changes. We face constantly evolving threats, and agencies can’t afford to be outpaced. Meeting these challenges requires not only accepting the inevitable transition, but acting on it and embracing it. Whether for budgetary or compliance or security reasons, the time to prepare is now.
Greg Kushto is director of security and enterprise networking at Force 3.