11 ways to boost cloud adoption in government
The Brookings Institution seeks to improve cloud computing in public sector
- By Rutrell Yasin
- Jul 21, 2010
The federal government has inconsistent policies across desktop, laptop, mobile and cloud computing platforms, which in some respects puts cloud applications at a disadvantage in current legal and procurement situations, according to a Brookings Institution report released today.
There are differences between the executive, legislative, and judicial branches of government, as well as in the level of privacy and security expected for various applications, writes Darrell West author of the report “Steps to Improve Cloud Computing in the Public Sector.”
“The public sector makes relatively little use of cloud computing even though the private sector has achieved excellent cost savings and studies have suggested substantial government savings from a migration to the cloud,” according to West, vice president and director of Governance Studies at Brookings.
West’s report "Saving Money Through the Cloud,” indicated that agencies could save as much as 50 percent in information technology costs by moving certain applications and services to the cloud. The cloud computing model allows organizations to access software, services, and data storage through remote file servers.
House panel questions cloud computing assumptions
But several aspects of the current computing environment impede the progress of cloud. With the considerable uncertainty that exists in regard to the reliability and security of information technology, officials need to think about how to instill greater confidence among consumers and taxpayers, the report states.
"There should be detailed conversations regarding the trade-offs between privacy and security," West wrote. In addition, the lack of uniformity in standards across nations has created a “Tower of Babel” atmosphere among cloud computing environments, he found.
Public officials should develop more consistent rules on computing across desktop, laptop, mobile, and cloud platforms.
Policymakers should authorize video, collaboration, and social networking for congressional offices. This would make legislative branch policy consistent with that of the executive branch.
Judicial branch computing should be modernized, with greater emphasis on cloud computing.
There should be a more uniform certification process for federal agencies. Right now, each agency is responsible for certifying its own applications. It makes sense to have a joint authorization board with the power to review management services and certify particular products for use across the government.
Congress should update the Electronic Communications Privacy Act to change the process by which law enforcement agents obtain electronic information. Instead of using a prosecutor’s subpoena, legislation should require a probable-cause search warrant that is approved by a judge. This would provide greater safeguards for online content, pictures, geolocation data, and e-mail messages.
Privacy rights should be placed on the same footing regardless of whether a person is using desktop or cloud computing. It makes little sense to have weaker standards on one platform than another. Consumers and government decision-makers expect the same level of protection whether they are accessing information on a desktop, laptop, mobile, or cloud storage system.
Congress should amend the Computer Fraud and Abuse Act to strengthen penalties for unwanted intrusion into computing systems. The law has inconsistent penalties and prosecutors have found that it is hard to prosecute cyber crimes.
Apps.gov represents a big step forward and government organizations should use it more because it makes procurement easier and speeds public-sector innovation. It is a model of how the government can reinvent itself through digital technology in ways that improve efficiency and effectiveness.
Countries need to harmonize their laws on cloud computing so as to reduce current inconsistencies in regard to privacy, data storage, security processes, and personnel training,
There should be mechanisms for data exchange that encourage portability across platforms. We should avoid vendor lock-in that precludes data exchange.
Data on uptime, downtime, recover time, archiving and maintenance schedules would help build public trust by providing information on computing performance.