recommended reading

Security advances and budgetary pressures draw agencies to cloud

The government's transition to cloud computing is likely to be spurred as much by private sector security advances and budgetary pressure as it is by Office of Management and Budget dictates, government information technology leaders said Wednesday.

Amazon's Aug. 16 launch of a government-only cloud could mark a major turning point in agencies' willingness to store their data and services in privately owned computer clouds, NASA Chief Information Officer Linda Cureton said during a Fedscoop conference on saving money through information technology.

Amazon's GovCloud employs only U.S. citizens and is compliant with several strict government regulations on handling sensitive data such as weapons information. Agencies that store such information previously had to house it in their own data centers or in federally managed clouds.

Other IT providers are likely to follow quickly in Amazon's footsteps, Cureton said, raising competition and lowering the price of storage.

"I'm sure now it's going to be boom, boom, boom," she said. "Our processes at even evolving strategy are too slow right now for what industry is doing . . . We can't move that fast. We have to lean forward and anticipate what industry is going to be doing. And it's going to be much cheaper to get commercial services than to provision our own."

Computer clouds essentially are large banks of off-site servers that can operate much closer to full capacity than standard servers by rapidly repacking data as one customer surges in use and another dips. Customers pay for cloud data storage based on use rather than according to a set fee, as they would for electricity or another utility.

The Obama administration has pledged to move about one quarter of its $80 billion IT portfolio to public, private or hybrid computer clouds by 2015 at an estimated savings of about $5 billion annually.

OMB has released a list of more than 100 services that agencies are in the process of moving to the cloud. Critics, however, have said the list largely represents low-hanging fruit such as public websites and agency email systems. Moving complex items will be more difficult and agencies face much more pushback from IT managers and others who are worried about compromising security, they added.

When the General Services Administration moved its main Web page and Gobierno, the site's Spanish language twin, to the cloud, it was more of a financial necessity than an IT innovation, said Martha Dorris, deputy associate administrator of GSA's Office of Citizen Services.

"We were basically in a corner," she said. "We had not gotten new infrastructure funding for or Gobierno in years and years. Our service level was degrading. Our content management system was having to be rebooted every night. We were really sweating bullets. We had nowhere to go."

By moving those sites to the cloud, GSA was able to save $1.7 million annually, Dorris said. This freed up money to invest in new programs, including a government search function that corrects for the often clunky tools on agency sites and could aid citizens who don't know which branch of government is responsible for a particular service.

"We created a whole new center for new media and citizen engagement out of the savings we accrued [from the cloud transition]," she said. "It wasn't easy and there were a lot of cultural issues, but it definitely gave us an escape route."

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.