recommended reading

Senator pushes cloud as deficit cutting tool

The federal transition to cloud computing is an overlooked source of savings as the government battles over trillions of dollars in spending reductions, the leader of a Senate oversight subcommittee said this week.

A visibly weary Sen. Tom Carper, D-Del., was addressing a conference Wednesday on the future of government cloud computing and the consolidation of federal data centers amid tense negotiations over raising the limit on federal borrowing.

Carper, who is chairman of the Homeland Security and Governmental Affairs Federal Financial Management Subcommittee, listed cost savings from cloud computing as one of several initiatives that could save the government hundreds of billions of dollars annually but that had gotten lost in the acrimonious standoff over whether the deficit should be trimmed by cutting programs alone or by a combination of program cutting and revenue hikes.

He also cited efforts to cut Medicare overpayments and to dispose of unnecessary federal property in that list.

"There are four ways to reduce deficits or balance budgets," Carper said. "The first of those is to cut spending; that works. The second is to raise revenues; that works. The third is to grow the hell out of the economy; that works."

The last piece is the piece we don't often pay a lot of attention to," he continued. "My bumper sticker here is better results for less money. We need to look into every nook and cranny of the federal government and find better results for less money . . . One of the great ways you can provide better service for less money is to do IT well and to do it smart."

Federal Chief Information Officer Vivek Kundra has estimated the government can save about $5 billion annually by moving about one-fourth of its $80 billion annual IT portfolio into public, private or hybrid computer clouds.

Computer clouds are essentially large server farms that pack information together more tightly and nimbly than traditional data centers and that sell storage space like a utility with customers only paying for what they actually use.

Critics have worried that government information might be more vulnerable to hackers and other bad actors when it's in a public cloud or mushed together with other agencies' data in a private government cloud.

A report released Tuesday by the industry group TechAmerica Foundation found that trust was one of the major barriers to wider adoption of cloud computing in the government. The report recommended creating a set of internationally recognized standards and best practices for cloud computing.

A beginning point for those standards should be the Federal Risk and Authorization Management Program or FedRAMP, a standard authorization for government cloud vendors due out from the General Services Administration this fall, the report said.

Speaking at Wednesday's conference, Kundra said he thinks security concerns about the cloud transition have been exaggerated and that critics have paid too little heed to agency IT executives' common sense about what belongs in a private or public cloud and what doesn't.

"The reason, I think, that's been amplified, frankly, is because it preserves the status quo," Kundra said. "Look, the disruptions are real. We're saving a fortune."

"The question for us is what is the risk tolerance and does it make sense," he continued. "The problem before has been the federal government for some crazy reason tried to treat every IT system like it's a national security system and it's not . . . [for instance] moved to the Amazon EC2 cloud. That's public data. There's no reason to build a fortress around that and treat it like it's a CIA or [National Security Agency] IT system."

Moving federal IT systems to the cloud is unlikely to mean a significant cut in jobs, Homeland Security Department CIO Richard Spires said during Wednesday's conference, because IT workers now managing legacy systems would be asked to develop programs that are more vital to agencies' operations.

"We want people working on supporting the agency's mission," he said, "on creating the functionality [agency] customers need."

Threatwatch Alert

Network intrusion / Stolen credentials

85M User Accounts Compromised from Video-sharing Site Dailymotion

See threatwatch report


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.