Cloud Security, Costs Concern Federal IT Pros - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Cloud
News
1/31/2012
12:18 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Cloud Security, Costs Concern Federal IT Pros

As White House continues to push cloud computing, federal IT managers still worry about security and costs, Ponemon survey finds.

Top 10 Open Government Websites
Top 10 Open Government Websites
(click image for larger view and for slideshow)
Federal IT managers are working to adopt cloud computing technologies and comply with White House cloud computing initiatives, but aren't yet sold on cloud computing's cost savings or security, according to a recent survey.

According to the survey by research group the Ponemon Institute, 91% of federal IT workers are either somewhat or very familiar with the Office of Management and Budget's Cloud First initiative, but 69% believe that the initiative's requirement to move three services to the cloud over 18 months is too fast. In fact, 71% of respondents said that pressure to move to the cloud creates security risks for their organizations.

Federal CIO Steve VanRoekel and his predecessor Vivek Kundra have been strong advocates of the government's move to cloud computing throughout the Obama administration. Numerous efforts, including Cloud First and the FedRAMP security authorization initiative, have been set up to help accelerate that move.

Even beyond the worry that pressure to accelerate deployment increases risks, however, cloud security remains a major concern for federal IT pros. The survey indicated that 54% of federal IT workers are not confident about their cloud service providers' ability to provide sufficient data protection and security, but more IT pros believe their agency--rather than providers--should be the most responsible for cloud security.

[ Find out how government CIOs are transitioning to the cloud. See Federal Cloud Strategy: 10 Case Studies. ]

Fewer than half of federal IT pros say that their cloud service providers are fully compliant with the Federal Information Security Management Act (FISMA), which governs federal agencies' cybersecurity requirements, and fewer than a quarter say they are just as secure as on-premises IT services.

Almost half of the IT workers surveyed believe that insider threats and vulnerabilities were more prominent in the cloud than in on-premises environments--more than believe that unauthorized public disclosure was more likely in the cloud. In all, 54% say it is either very likely or likely that their organizations will suffer a security breach over the next year due to an insecure cloud provider.

According to the survey, IT pros think that the most important physical security step cloud service providers can take is to locate their servers within the United States, followed by isolating government data from other data, and requiring background checks for data center workers and others who have access to government agencies' services. However, 62% of pros said they are not confident that their organizations know all the privileged users who had access to their cloud providers' servers and storage devices.

In addition to security, IT pros are also not sold on cloud computing's cost benefits, according to the survey. In fact, more IT pros believed that the long-term costs of cloud computing will be more expensive than traditional IT than those who believed that long-term costs would go down. That contrasts with non-IT workers surveyed by Ponemon, who believed costs would decrease thanks to cloud computing. That disconnect could be the reason why 65% of IT pros say that they're not confident their organization understands the true long-term costs of migrating to the cloud.

How 10 federal agencies are tapping the power of cloud computing--without compromising security. Also in the new, all-digital InformationWeek Government supplement: To judge the success of the OMB's IT reform efforts, we need concrete numbers on cost savings and returns. Download our Cloud In Action issue of InformationWeek Government now. (Free registration required.)

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Commentary
The Best Way to Get Started with Data Analytics
John Edwards, Technology Journalist & Author,  7/8/2020
Slideshows
10 Cyberattacks on the Rise During the Pandemic
Cynthia Harvey, Freelance Journalist, InformationWeek,  6/24/2020
News
IT Trade Shows Go Virtual: Your 2020 List of Events
Jessica Davis, Senior Editor, Enterprise Apps,  5/29/2020
White Papers
Register for InformationWeek Newsletters
The State of IT & Cybersecurity Operations 2020
The State of IT & Cybersecurity Operations 2020
Download this report from InformationWeek, in partnership with Dark Reading, to learn more about how today's IT operations teams work with cybersecurity operations, what technologies they are using, and how they communicate and share responsibility--or create risk by failing to do so. Get it now!
Video
Current Issue
Key to Cloud Success: The Right Management
This IT Trend highlights some of the steps IT teams can take to keep their cloud environments running in a safe, efficient manner.
Slideshows
Flash Poll