Fulfillment of the cloud's promise requires congressional action
Separating the hype from the promise of cloud computing is a full-time job these days. However, one thing is increasingly clear: agencies face a difficult task in trying to answer even fundamental questions about cloud computing.
The good news is the federal government has moved beyond the low orbit of debate that raged for much of last year regarding what cloud computing represents. Better yet, a number of federal pilot projects have demonstrated initial traction toward the goal of providing on-demand, scalable computing services via the Internet.
However, as agencies come to grips with demands from federal Chief Information Officer Vivek Kundra to begin planning for a cloud computing future, many agency managers are struggling to deal with questions to which few clear answers exist.
One of the chief questions is how to move data and applications from existing systems into cloud computing centers securely and reliably — and then retrieve or relocate them completely when needed. Another question is how to comply with a confluence of privacy, archiving and other federal requirements. Dig deeper and the questions grow more complex: What standards are emerging? And who will fill in the gaps on everything from interoperability protocols to service-level agreements?
Perhaps one of the most crucial impediments to resolving those questions, though, is the antiquated legal and regulatory framework that guides what public and private organizations can and can't do with information.
Much of that framework is rooted in an age that predates the digital revolution, Internet and global broadband. Ironically, fixing that framework will mean coming to terms with a rather terrestrial fact: Where computing centers are located geographically throughout the world — and where your data technically resides — will become an increasingly important issue.
As a recent Forrester Research report shows, the reason is that some countries are more information-friendly, just as some are friendlier to investors than others. European nations are more restrictive about privacy and data protection than the United States and India are. Information laws are still evolving in China and Mexico.
That might not matter to agencies that insist that their data reside stateside. But conflicting and outmoded laws represent risks that many experts believe will delay or distort the anticipated benefits of cloud computing.
That’s why a growing number of industry players believe major advances in cloud computing will eventually depend on Congress passing updated national privacy and data protection laws that will also give civil enforcement agencies the power they need to fight cyberattacks and other abuses.
Fixing those laws won’t replace the need to answer dozens of cloud computing questions, but it will help determine how many of those questions get answered.