COMMENTARY

No need to rush the transition to the cloud

The conversation about cloud computing in government has taken a new direction, courtesy of the National Defense Authorization Act for fiscal 2012.

In the past several years, technology experts in government and industry have debated whether commercial cloud computing services are secure enough to meet the needs of federal agencies. Some people have argued that agencies would be better off developing their own cloud offerings and sacrificing some cost-efficiency for the sake of better security.

But lawmakers disagree. As part of the Defense Authorization bill, they are directing the Defense Department to make the leap from department-owned operations to commercially available cloud computing services “that provide a better capability at a lower cost with the same or greater degree of security.” You can expect similar directives for civilian agencies.

As a result, acquisition policy is likely to become the most pressing topic of conversation as federal officials seek to become better-versed in the particularities of cloud procurements.

Security is the overriding concern. Federal officials want to ensure that government data is stored and managed in compliance with existing security requirements. The policies are well-known; the question is how to translate them into clear and enforceable contract language.

Case in point: Officials at the General Services Administration ran into problems with their e-mail-as-a-service procurement when they tried to limit where government data could reside. Several bidders lodged a protest, which the Government Accountability Office upheld. In their decision, GAO auditors said GSA’s security concerns were legitimate but concluded that the provisions were ambiguously worded. The solicitation has been reworked, with awards expected in the spring.

Ambiguous security provisions could lead to protests in some cases and lousy security in others. Procurement officials should not let the Obama administration’s cloud-first policy rush them into deals that they might later regret.

About the Author

John Monroe is Senior Events Editor for the 1105 Public Sector Media Group, where he is responsible for overseeing the development of content for print and online content, as well as events. John has more than 20 years of experience covering the information technology field. Most recently he served as Editor-in-Chief of Federal Computer Week. Previously, he served as editor of three sister publications: civic.com, which covered the state and local government IT market, Government Health IT, and Defense Systems.

Featured

  • People
    Federal CIO Suzette Kent

    Federal CIO Kent to exit in July

    During her tenure, Suzette Kent pushed on policies including Trusted Internet Connection, identity management and the creation of the Chief Data Officers Council

  • Defense
    Essye Miller, Director at Defense Information Management, speaks during the Breaking the Gender Barrier panel at the Air Space, Cyber Conference in National Harbor, Md., Sept. 19, 2017. (U.S. Air Force photo/Staff Sgt. Chad Trujillo)

    Essye Miller: The exit interview

    Essye Miller, DOD's outgoing principal deputy CIO, talks about COVID, the state of the tech workforce and the hard conversations DOD has to have to prepare personnel for the future.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.