There's been much discussion around the efficiencies to be gained from cloud computing – shuttering data centers and streamlining operations – but little talk of the freezing effect this end goal can have on the federal IT workforce. Cloud computing efforts would see stakeholder buy in improve significantly if there was some assurance that personnel would be protected, says one National Oceanic and Atmospheric Administration IT executive.
Interoperability and portability remain largely unaddressed issues among cloud services. And until all cloud computing services can ensure clients' data is portable and interoperable, federal chief information officers need to think about how they can get out of their cloud contracts, said federal executives speaking Jan. 15 at the Federal Cloud Computing Summit in Washington, D.C.
Having data available anytime, anywhere has long been touted as a major benefit of cloud computing, but a top Defense Information Systems Agency official said where data is physically located still matters.
The Defense Information Systems Agency Jan. 13 publicly released guidance that updates and codifies enhanced cybersecurity requirements for implementing and hosting cloud computing systems for certain types of sensitive Defense Department data.
The Defense Department's information technology agency is seeking information about next-generation security capabilities that would protect complex systems against advanced persistent threats.
The General Services Administration provided an update on how the Federal Risk and Authorization Management Program is meeting milestones and laid out new deadlines as part of a Dec. 16 press briefing and the release of the program's roadmap.
"There's been some confusion that FedRAMP is GSA, and FedRAMP is the JAB, but really FedRAMP is a program that is governmentwide in nature and has stakeholders across the government," said FedRAMP Director Matt Goodrich. A new plan aims to refocus the program on agency stakeholders and further spread the responsibility for authorizing cloud services.
Two and a half years in, the Federal Risk and Authorization Management Program, which aims to help agencies and departments more quickly and securely procure cloud services, is being adopted in pockets across the federal government, but not always correctly, say General Services Administration officials during a Dec. 16 press briefing.
The guidance essentially codifies certain actions that have already occurred. For example, in August, Amazon Web Services became the first authorized commercial cloud provider to host sensitive unclassified data for DoD.
The National Institute of Standards and Technology is seeking public comment on a new draft guide that could help government agencies and other organizations make better decisions in choosing the right cloud computing provider for them.