Federal Government in the Cloud

Interest, curiosity, and skepticism reign in Washington

I'm in Washington co-chairing a Cloud Computing summit along with my colleague Mark Bowker. Thus far, we've covered cloud computing drivers, virtualization and cloud computing, governance/compliance, and new skill sets needed for the cloud. The audience is made up of Federal IT workers for the most part. These folks are under the gun since the Obama administration is pushing cloud projects and setting aside budget dollars to persuade federal agencies to get onboard with proof-of-concept efforts. Federal CIO Vivek Kundra has added fuel to the fire acting as the poster child for federal cloud computing as a way to save taxpayer money and improve IT service. The federal audience is certainly hungry for knowledge but very leery about the cloud in general. The feedback today indicates that: 1. Federal IT doesn't know where to start. Perhaps industry hype has blurred the focus but there were a lot of questions about which IT activities/applications were a good fit for the cloud. We talked about the "low hanging fruit" like cloud storage for non-sensitive data and perhaps email, but the feds want more information. Beyond these obvious candidates, what's next? 2. Security and governance scares the heck out of the Washington crowd. Remember that a high percentage of data is considered confidential. In spite of FISMA-compliant cloud efforts, federal IT workers remain unconvinced. Vendors will have to do a lot of hand holding inside the Beltway. 3. State and local government is much more open to the cloud. This is true for one good reason -- they are out of money. Thus, a CIO from Colorado talked about the State buying services from Amazon and Google. The CIO stated, "you have to give up some control but you can gain financial benefits." Federal IT people really want more basic information and education about the cloud; vendors should note this and ramp up their knowledge transfer capabilities. Furthermore, it is important to talk in federal terms like FISMA and NIST rather than a more generic presentation. Think security and governance from the get go. Finally, the feds are rally afraid of vendor lock-in so standards are important here. When and if the federal government agrees upon cloud standards, vendors must go along to get along. If the feds fail to agree upon standards, all bets are off and the federal cloud becomes a big free-for-all. The private sector, public sector, and technology industry should all work together to make sure that this won't happen.

New! Download the State of Cybercrime 2017 report