Why fear of the cloud is keeping government from its 21st-century potential
- By Alastair Mitchell
- Nov 04, 2015
Tight budgets and heightened scrutiny have put government under intense pressure to deliver better services at a lower cost. As a result, individual government organizations are starting to explore new ways of working collaboratively. This need isn’t new, but the tools available to government organizations are. New initiatives to drive greater collaboration (both internally between teams and agencies, and externally with partners, suppliers and citizens) are being driven through a mix of cloud computing, social tools, mobile devices and collaborative work platforms -- all of which present massive opportunities for government to benefit.
However, these tools also present governments with challenges. The ability to leverage cloud technologies to work collaboratively presents an incredible opportunity for government efficiency, but it also provokes a very real concern: In the course of driving forward business goals and making employees’ lives easier, could these solutions also threaten the security of some of the world’s most sensitive data?
So governments seem to feel stuck at an impasse. In order to advance, they need to utilize the latest breakthroughs in technology -- but is it safe to do so? That hesitation has held agencies back, even as they strain to move forward.
Gartner’s recent report, “2015 CIO Agenda: A Government Perspective,” talks to this dichotomy. “Infrastructure, analytics and cloud computing are the top three technology priorities for government CIOs in all tiers and regions, but the adoption of cloud services in government lags behind other industries,” the report states. Clearly, government is incentivized to move to the cloud, but agencies haven’t been able to execute on those aspirations.
A clear desire for change
The desire for change is clear enough. From multiagency project coordination and supplier management to the basic need of employees seeking to sync, share and publish files across multiple devices, there is a sweeping range of advantages for government and public sector groups. And many of them have already started to implement some type of solution. For example, there is the CIA’s much-lauded decision to use Amazon Web Services for a private cloud. In fact, the federal government has aggressively endorsed the use of cloud computing for government purposes for several years, starting with the 2011 cloud computing strategy that was spearheaded by then-federal CIO Vivek Kundra.
In addition, more than three years ago, the White House concluded that: “Going forward, we must pilot, document and rapidly scale new approaches to secure data and mobile technologies and address privacy concerns.... Shifting to the cloud is one area of opportunity.”
And yet the government, by and large, has not made significant advances toward actually optimizing those technologies. The Gartner report found that while “cloud has moved from a concept, to a possibility, to a viable option,” only a “small minority” of government CIOs are adopting a cloud-first approach when scoping new projects.
The illusion holding us back
A key reason that government has not moved forward in embracing cloud computing is the perception that doing so exposes precious data to serious risk. Indeed, 91 percent of CIOs who participated in the Gartner 2015 CIO Agenda research think the digital world creates new types and increased levels of risk in government.
Similarly, other research into public sector IT practices in the United Kingdom showed that just 37 percent of central government employees are confident using cloud IT, but – incredibly -- also suggests that fully 93 percent of central government staff share and work on information with external organizations. This means that if this external data sharing is not taking place via secure cloud platforms, then insecure and inefficient approaches are filling the void -- email, "shadow IT" file sharing and even couriered hard copies.
The importance of effective security cannot be underestimated, but that doesn’t mean the methods we’re already using are any safer than the newer alternatives. In fact, the opposite is true. A frontline lack of trust in cloud security is the fundamental Achilles’ heel hindering the wider and faster adoption of government cloud services.
Secure cloud computing for government is absolutely possible -- and it can be measured, ranked and verified on a solution-by-solution basis. The Federal Risk and Authorization Management Program (FedRAMP) and Authority to Operate (ATO) are both existing standards that the government uses to measure potential cloud solutions and accelerate the adoption of secure cloud services. They exist to ensure government agencies have confidence in their secure cloud suppliers. There are also certifications spanning access control, data encryption and threat protection.
The benefits of the cloud are loud and clear to government, just as they are to any business. If we can educate agencies about the truly secure opportunities in front of them, we open the door to being able to completely transform the government’s IT landscape.
Alastair Mitchell is the pesident of Huddle.