In Government, Private Clouds May Trump Google Apps

The <a href="http://www.informationweek.com/news/government/security/showArticle.jhtml?articleID=226200297">news that</a> Google Apps for Government achieved FISMA certification and accreditation makes it easier for Uncle Sam to sign up for Google's cloud services. But what does that milestone actually mean for federal agencies?

Michael Biddick, CEO, Fusion PPT

August 6, 2010

3 Min Read

The news that Google Apps for Government achieved FISMA certification and accreditation makes it easier for Uncle Sam to sign up for Google's cloud services. But what does that milestone actually mean for federal agencies?In an InformationWeek Government survey of 152 federal IT pros who are using or assessing cloud services, 57% indicated it was unlikely that their agencies would be tapping into commercial cloud services. Why? Ninety-three percent cited security concerns. Our research shows that agencies are more interested in creating private clouds and optimizing their data centers than in moving apps to a public cloud environment. Smaller, independent agencies may find public clouds appealing, but the reality is that services like e-mail and collaboration are already deployed internally and in many cases cheaper than moving to the cloud.

Clearing FISMA's C&A is a good start for Google, but individual agencies have their own C&A processes. FISMA certification may shorten the time to move a cloud service into production, but it doesn't eliminate the red tape of separate C&A audits. FISMA C&A is a step in the right direction, but we're unlikely to see a flood of agencies sign-up for Google's services based merely on GSA's stamp of approval. Instead of public cloud services, agencies are turning to data center consolidation, in the form of the private cloud projects and working to adopt elements of the public cloud models that help reduce costs and increase the overall efficiency of their IT systems. In the same survey, when respondents were asked which characteristics of a private cloud are most important, 78% pointed to "highly secure." Control was also an underlying theme, as we found agencies unwilling to relinquish the control they have within their own data centers. With such a focus on security, it was interesting to see thousands of sensitive documents pertaining to the war in Afghanistan released on Wikileaks.org. This security breech wasn't the result of someone hacking into a cloud server, but of one person providing them to another. It underscores the point that human error, misconduct, and cyber attacks sometimes occur and can cause damage to our ability to contain information. So cloud security isn't just a function of technology, and fears over cloud security shouldn't be overblown.

While many agencies are at the beginning stages of creating cloud environments in their data centers, they need to get serious about reducing costs and achieving efficiencies. Those efforts will free resources to focus on other challenges, including security and innovative options to deal with threats.

FISMA C&A is a step in the right direction for Google, but we're unlikely to see a flood of agencies sign-up for Google's services based merely on GSA's stamp of approval. The challenge for many agencies is how to get started in building private clouds. InformationWeek Analytics' four-part series of reports on private clouds in government was designed to help with that. In the last report in our series, "Cloud Implementer's Checklist," we provide a "to do" list to help with the move from planning private clouds to actual deployment. We explore hardware and software requirements, as well as the policy and security issues that must be taken into account in the move to created shared IT services environments using the cloud model.

You can download our reports (registration required) here:

#1: The Business Case For Government Clouds

#2: Government Cloud Platform Strategy

#3: Cloud Compliance In Government

#4: Cloud Implementer's Checklist



Once your agency has completed the business case for deploying a private cloud, how do you actually move ahead with your data center transformation? In this InformationWeek Government Webcast, we'll explore steps to get you there. It happens Aug. 11. Register now.

Read more about:

20102010

About the Author(s)

Michael Biddick

Michael Biddick

CEO, Fusion PPT

As CEO of Fusion PPT, Michael Biddick is responsible for overall quality and innovation. Over the past 15 years, Michael has worked with hundreds of government and international commercial organizations, leveraging his unique blend of deep technology experience coupled with business and information management acumen to help clients reduce costs, increase transparency and speed efficient decision making while maintaining quality. Prior to joining Fusion PPT, Michael spent 10 years with a boutique-consulting firm and Booz Allen Hamilton, developing enterprise management solutions. He previously served on the academic staff of the University of Wisconsin Law School as the Director of Information Technology. Michael earned a Master's of Science from Johns Hopkins University and a dual Bachelor's degree in Political Science and History from the University of Wisconsin-Madison. Michael is also a contributing editor at InformationWeek Magazine and Network Computing Magazine and has published over 50 recent articles on Cloud Computing, Federal CIO Strategy, PMOs and Application Performance Optimization. He holds multiple vendor technical certifications and is a certified ITIL v3 Expert.

See more from Michael Biddick
Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.
SIGN-UP

You May Also Like

More Insights
Webinars
More Webinars
Reports
More Reports

Editor's Choice

cybercrime abstract with two locks
Cyber Resilience
10 Cyber Incident Response Tips From Those Who've Had a Breach and Lived to Tell About It10 Cyber Incident Response Tips
bySara Peters
May 8, 2024
6 Min Read
DNA (deoxyribonucleic acid) strand, illustration.
Data Management
DNA is an Ancient Form of Data Storage. Is it Also a Radical New Alternative?DNA is an Ancient Form of Data Storage. Is it Also a Radical New Alternative?
byRichard Pallardy
May 7, 2024
15 Min Read
Paul Nakasone, former director of the National Security Agency, and a former commander of US Cyber Command, speaks at the RSA Conference 2024.
Cyber Resilience
Four Horsemen of Cyber Reunite at the RSA ConferenceFour Horsemen of Cyber Reunite at the RSA Conference
byJoao-Pierre S. Ruth
May 9, 2024
6 Min Read
Technologist and author Bruce Schneier addresses the crowd at RSA Conference 2024 about the future impacts of AI on democracy.
Machine Learning & AI
Bruce Schneier: 5 Ways AI Could Shake Up DemocracyBruce Schneier: 5 Ways AI Could Shake Up Democracy
byShane Snider
May 8, 2024
6 Min Read
Business innovative solution and creative concept as a paper boat tied to a light bulb
IT Leadership
9 Ways to Ensure Continuous Innovation9 Ways to Ensure Continuous Innovation
byLisa Morgan
Apr 2, 2024
9 Slides
Webinars
More Webinars
White Papers
More White Papers
Live Events
More Live Events
Reports
More Reports
May 2, 2024
While there are plentiful options in cyber resiliency and business continuity tools and platforms, there isn’t one that can knock out everything from sudden cloud outages to prolonged ransomware attacks in a single punch. What can you do to keep the company on its feet no matter what is thrown at it? Find out in this new virtual event.
Reserve Your Seat Now