How government can securely move IT systems to the cloud

Shutterstock image (by Jozsef Bagota): Blue cloud speech bubbles 

While IT leaders in all industries value their data, public sector data can be among the most important to protect. This makes transitioning agency IT systems to the cloud an especially sensitive and challenging endeavor.

Analyst firm IDC reports that the market for worldwide cloud enterprise applications grew by 19.7 percent in 2015 and reached a total size of $34.5 billion. Yet as the threat landscape continues to evolve, data vulnerability is increasing. In addition to the financial implications, security breaches hold the potential of damaging an agency's reputation and operations. With such high stakes, organizations must maintain an unrelenting focus on data security going forward.

It's important to remember, however, that a move to the cloud can come with vulnerabilities as well as opportunities If not done properly, cloud migrations can result in unexpected costs, failure to comply with regulatory measures and exposing the organization – and its most valuable asset – citizen data. Despite these risks, though, a majority are planning to move forward with the transition.   

How can government organizations ensure a smooth – and secure – transition to the cloud?

Smart IT decision makers are culling from a few key best practices, based on the learnings of organizations that have been down this path before. Here is a checklist of "must dos" that any government organization considering a move to the cloud should keep in mind:

  • Secure Applications from End-to-End: While many traditional security offerings were designed for client/server systems, they were not designed to control decisions in the database -- thereby exposing databases to vulnerabilities. Agencies should look for end-to-end security solutions that manage application security for application users -- not database users.
  • Make Sure it's a Match: When migrating to the cloud, public sector organizations must take a look at their needs and how they align with their vendors. Thing to consider: Do you share the same point of view on security? Do the vendors understand your business objectives? Is it better to go with a small vendor or a large shop?
  • Expect the Unexpected: Last but not least, the most successful agencies plan ahead. With security breaches on the rise, an attack can occur anywhere and at any time. The organizations that are most poised for success have a plan outlining exactly what to do if and when a breach occurs.

The journey to the cloud is never easy. But with a few considerations, it doesn't have to be complicated. Simply put -- to be successful, plan ahead, weigh the options and expect the unexpected.

About the Author

Mark Johnson is Director, Modern Platform for Government at Oracle.


  • Federal 100 Awards
    Federal 100 logo

    Nominations for the 2021 Fed 100 are now being accepted

    The deadline for submissions is Dec. 31.

  • Government Innovation Awards
    Government Innovation Awards -

    Congratulations to the 2020 Rising Stars

    These early-career leaders already are having an outsized impact on government IT.

Stay Connected