The government's relationship with cloud computing has been an evolving affair. Initially, there was skepticism that cloud solutions could not provide the needed security that on-premise systems had been providing. With checks and balances provided by FedRAMP, security concerns were slowly but surely overcome. With the move to more remote work and the demand for digital interaction with citizens, cloud has moved from a novel approach to a necessary part of the Federal IT infrastructure.
Cloud and Security
Initial concerns about the levels of security maintained by cloud providers have proven to be unfounded. Cloud systems are built with security as a top of mind concern by some of the brightest, most experienced cyber experts in the world. No matter how skilled Federal IT teams are, they just cannot build an on-premises system that meets the same rigors. In fact, today cloud security concerns lie with the users of cloud rather than the providers.
A recent survey of over 700 industry experts on cloud security issues, showed that cloud adopters appear to be the "weak links." It found that threats are moving up the stack to user-controlled issues such as identity and access management, insecure interfaces, misconfiguration, poor coding practices and a lack of a cloud security architecture and strategy. Even with the security built into cloud, organizations are still responsible for their end of the cyber bargain to keep threats at bay.
Cloud and Data
Cloud systems are critical to managing the ever-growing amounts of data being gathered from digital interaction with citizens as well as from IoT devices. New York State is utilizing the cloud to gather, store, and analyze air quality data from sensors deployed in communities across the state. The goal is to pinpoint areas disproportionately impacted by car or industrial exhaust so that environmental programs and remediation can be launched to make an immediate impact on air quality.
Cloud technology is also critical in improving citizen service. San Joaquin County, California is consolidating disparate back office systems into a cloud solution so that data can be more easily shared across departments. This means that if a citizen has a request (say getting a business license) that involves multiple agencies, it can be tracked through the process without the citizen having to navigate next steps to complete a task.
The Cloud Future is Hybrid
Initial cloud implementations focused on standardizing on a single vendor. This approach is what doomed the DoD JEDI contract that never got off the ground. As the contract was competed (and re-competed) the need for a multi-vendor approach became clear. The DoD is now looking to award and launch the Joint Warfighting Cloud Capability program to a set of cloud vendors in December of 2022 as a DoD-wide cloud solution that can deploy AI and ML in the real operational mission.
A recent survey showed there is not a clear preference among government cloud vendors, with each having their own strengths. The report found that 37.3% of IT leaders regarded Microsoft Azure as the "most robust" cloud platform, while 32.1% favored AWS and 29.7% favored Google Cloud. Respondents liked AWS' capacity and architecture, Microsoft Azure's industry-specific applications and Google's strategy of making large investments in firms that agree to sign on to their cloud services. A hybrid approach allows organizations to take advantage of strengths in line with the applications and missions they are moving to cloud.
Exploring Cloud in Government
GovEvents and GovWhitePapers have a wide variety of cloud resources that delve into how the government is utilizing cloud to achieve missions.
- CSA Federal Summit (October 13, 2022; Washington, DC) - With cloud firmly entrenched as the primary IT system worldwide and cloud security now the foundation of cybersecurity programs, establishing cyber resilience across IT portfolios has become imperative. Cloud Security Alliance brings together industry thought leaders to discuss the latest standards, approaches, and technologies to build cyber resilience and Zero Trust into your programs.
- CyberSolutions Fest 2022: Cloud Security (October 14, 2022; webcast) - Leading solution providers and practitioners will highlight the newest techniques and technologies that organizations of all types and sizes are leveraging to better secure and manage their cloud services and environments.
- Oracle Cloud World 2022 (October 17-20, 2022; Las Vegas, NV) - Learn about cloud infrastructure and application solutions that meet business and mission needs.
- Cloud Together Summit (November 17, 2022; Arlington, VA) - Top leaders and influencers from government and industry will share insights on the challenges in a post Cloud-first / Cloud-smart era. Discussions include how to unify resources across private and public clouds, simplify the command and control of IT infrastructure, and leverage AI to seamlessly deliver the right resources where and when they're needed.
- How Cloud Computing is Enabling Artificial Intelligence (white paper) - Participants in a roundtable discussed ways the cloud has evolved to allow for new and emerging technologies like Artificial Intelligence and the Internet of Things. They also shared some of the challenges they face when developing and testing new technologies in current environments.
- Harnessing the Power of the Cloud (white paper) - This paper takes a look at how cloud-based solutions have improved productivity and citizen engagement in communities from the State of Oregon to Teaneck, New Jersey.
Visit GovEvents and GovWhitePapers for more insights on cloud in government. New events and resources are added daily.