Talk more cloud

Shutterstock image (by Jozsef Bagota): Blue cloud speech bubbles

(Jozsef Bagota / Shutterstock)

When it comes to cloud and the federal government, talk isn’t cheap; it’s invaluable.

“Share what’s important about cloud,” the General Services Administration’s FedRAMP director Matt Goodrich urged his fellow feds. “Share what’s working for you.”

Knowledge is power, Goodrich said, “but it’s only powerful if you actually do something with it.”

But how?

The topic took center stage at the Advanced Technology Academic Research Center’s (ATARC) July 23 Federal Cloud Computing Summit.

“It’s sad that we still kind of do word of mouth” for cloud service provider recommendations, noted Leo Wong, CISO for the USDA’s Food and Nutrition Service. An informal, inefficient network of feds shares their experiences with specific cloud vendors – though the process remains rather hushed.

“There are agencies coming to me saying, ‘What is NIST using [for cloud]?’” said Michaela Iorga, cloud computing technical lead at NIST. She can’t give out cloud providers’ names, however, for fear that her name-dropping would be perceived as an official endorsement of certain providers.

Iorga said NIST has tried in the past to wrangle working groups to talk frankly about specific cloud vendors and the particular challenges and solutions agencies worked through with them. The working group “dissolved,” however, because of “a lack of dynamic conversation.”

Now, years into the widespread federal adoption of cloud, Iorga said NIST is hoping to resurrect the working groups to provide those who are still considering the leap to cloud an opportunity to learn from those who have already made the jump.

“Not everything needs to be protected,” advised USDA’s Wong. “Start small.”

He and Goodrich both advised pushing non-critical data to the cloud while keeping highly sensitive material close at hand (Goodrich repeated his garden-hose-versus-tennis-bracelet analogy).

Others were more expansive.

“We believe that cloud service providers can provide better economies of scale for security than we can with our limited staff,” said FCC Deputy CIO John Skudlarek, wholeheartedly endorsing entrusting the right cloud providers with agency data.

Goodrich echoed Skudlarek’s trust in cloud (touting FedRAMP as the vehicle to achieve that level of trust), advised agencies not to consider themselves too “special” (and learn to work, whenever possible, within the standard offerings of a cloud provider), and reminded everyone that the cloud change is necessary and inevitable.

“He who rejects change is the architect of decay,” Goodrich said, quoting Harold Wilson. “When I look around federal IT, I see a lot of decay.”

About the Author

Zach Noble is a former FCW staff writer.


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.