recommended reading

Experts say security concerns about cloud computing are overstated

Think tank and industry experts downplayed widespread security concerns surrounding a government transition to cloud computing Thursday, saying the cloud may actually be safer than traditional storage of government information in federally owned data centers.

Technology has been developed, though not widely implemented, that allows cloud storage providers to host encrypted data that only the data's creators can decrypt, not its hosts, said Dan Reed, Microsoft's vice president for technology policy.

That technology also includes monitors that tell a government agency or other data creator if the cloud provider babysitting the data makes any attempt to decrypt it, he said.

There's also new technology in the pipeline that would allow agencies and other data creators to analyze and sift their own data while it's in the cloud without first decrypting the data itself, he said.

Reed was speaking at a panel discussion on the not-yet-introduced 2011 Cloud Computing Act, hosted by the Brookings Institution. There's been a great deal of speculation about what that act, sponsored by Sens. Amy Klobuchar, D-Minn., and Orrin Hatch, R-Utah, will include.

The act is expected out in a matter of weeks.

Cloud computing providers essentially sell information storage space on remote computer servers much like a utility sells electricity or water, with buyers paying only for the amount of space they actually use. Critics have said cloud storage limits federal agencies' ability to safeguard their own data.

Consolidating data into a cloud storage facility -- which may be the size of a football field or larger -- creates a larger target profile, according to Darrel West, director of Brookings' Center for Technology Innovation and the panel moderator, but it also creates economies of scale. "You can bring to bear some more best practices [and] professionals whose only job is to think about these kinds of issues," he said.

"There are some collateral advantages of cloud consolidation in terms of raising security standards," he said. "If you're a small business, odds are your security is not very good. You likely don't have the revenue or the IT expertise to procure world class security."

Another major question about cloud computing is the ease with which information will be able to be stored across international borders.

U.S. and European officials have been meeting regularly to try to reach standard or nearly standard agreements about how one nation's information should be treated when it's stored in another nation and what legal rights the hosting nation might have, according to Philip Verveer, the State Department's deputy undersecretary for information policy.

The Japanese tsunami wiped out personal records for many people in the worst-hit areas, Verveer said, which has prompted the Japanese government to consider storing duplicates of some of its vital government information in North America.

Japan and the host nation would have to negotiate a very complex agreement about Japan's control over that information before that could be a possibility, he said.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.


When you download a report, your information may be shared with the underwriters of that document.