There’s a new cloud in town
- By Cliff Beek
- Jul 27, 2017
The federal move to the cloud is full steam ahead, now that the president has signed an executive order on cybersecurity. Agencies must now migrate as much of the government’s cyber defense system to the cloud as possible. Yet while the cloud offers economies of scale and other benefits, however, concerns still abound about data security.
A change must still be made, however; the standard centralized approach of fixed data centers and backup sites won’t work for today’s decentralized operations that need worldwide connectivity. Armed forces conducting field operations, for example, need fast, reliable communications but cannot risk data theft.
A significant drawback to the current centralized approach to data management is latency. The farther a user is from the data center, the longer it takes to retrieve and return information. Recent efforts to consolidate data centers may further increase latency and negatively impact performance. In a military operation, even two seconds of latency can be dangerous. The best cloud storage option for organizations with sensitive data, therefore, would store data in different nodes without the co-mingling of data and lack of data-location control typified by public cloud offerings.
Even so, legitimate concern remains regarding “leaky” internet lines. Any data that passes across the internet, whether public or private, encrypted or not, requires a public address header to route packets to the proper network. Header information provides ample opportunity for surreptitious targeting and decryption of sensitive data, whether in public clouds or on private networks.
Clearly, there is a need to rethink both data transmission and storage options.
In addition to security concerns, federal agencies must deal with an international regulatory system that can be overwhelmingly complicated. The General Data Protection Regulation governing data privacy of citizens of the European Union typifies the kind of jurisdictional limitations agencies must observe.
In addition, federal agencies have strict rules designed to protect data and prevent top-secret data from co-mingling with other information within servers. This translates into physical server separation within government data centers, preventing agencies from taking full advantage of virtualization for server consolidation that the commercial world has embraced. Transitioning government data to the cloud is challenging for this reason, but it must be undertaken.
An ideal approach would be a cloud storage solution on which virtual applications and data can securely co-reside and can be accessed according to users' security clearances. Any attempts to access data or applications held in other virtual machines would be thwarted by security policies, and audit data would be available to detail any attempted attacks. This virtualized platform would be as secure as having multiple physical systems -- without the physical overhead or cost.
A best-case cloud storage solution could share information across the globe in less than a second. In such a solution, information is secure, safely traveling outside the internet and leased lines. This new paradigm for data transport and storage is possible through space-based storage.
An independent network of satellites could allow government customers to securely store and provision sensitive data across the globe. By sending data to satellites that are accessible from anywhere on earth via ultra-secure, dedicated terminals, agencies can overcome latency, interruption and exposure to surreptitious elements or unintended network jurisdictions. It also offers excellent performance and high availability, which are critical to government functions.
Federal agencies that need to transmit and store sensitive information now have another option to explore with space-based storage.
Cliff Beek is president of Cloud Constellation Corporation.