Comment

How government can securely move IT systems to the cloud

Shutterstock image (by Jozsef Bagota): Blue cloud speech bubbles 

While IT leaders in all industries value their data, public sector data can be among the most important to protect. This makes transitioning agency IT systems to the cloud an especially sensitive and challenging endeavor.

Analyst firm IDC reports that the market for worldwide cloud enterprise applications grew by 19.7 percent in 2015 and reached a total size of $34.5 billion. Yet as the threat landscape continues to evolve, data vulnerability is increasing. In addition to the financial implications, security breaches hold the potential of damaging an agency's reputation and operations. With such high stakes, organizations must maintain an unrelenting focus on data security going forward.

It's important to remember, however, that a move to the cloud can come with vulnerabilities as well as opportunities If not done properly, cloud migrations can result in unexpected costs, failure to comply with regulatory measures and exposing the organization – and its most valuable asset – citizen data. Despite these risks, though, a majority are planning to move forward with the transition.   

How can government organizations ensure a smooth – and secure – transition to the cloud?

Smart IT decision makers are culling from a few key best practices, based on the learnings of organizations that have been down this path before. Here is a checklist of "must dos" that any government organization considering a move to the cloud should keep in mind:

  • Secure Applications from End-to-End: While many traditional security offerings were designed for client/server systems, they were not designed to control decisions in the database -- thereby exposing databases to vulnerabilities. Agencies should look for end-to-end security solutions that manage application security for application users -- not database users.
  • Make Sure it's a Match: When migrating to the cloud, public sector organizations must take a look at their needs and how they align with their vendors. Thing to consider: Do you share the same point of view on security? Do the vendors understand your business objectives? Is it better to go with a small vendor or a large shop?
  • Expect the Unexpected: Last but not least, the most successful agencies plan ahead. With security breaches on the rise, an attack can occur anywhere and at any time. The organizations that are most poised for success have a plan outlining exactly what to do if and when a breach occurs.

The journey to the cloud is never easy. But with a few considerations, it doesn't have to be complicated. Simply put -- to be successful, plan ahead, weigh the options and expect the unexpected.

About the Author

Mark Johnson is Director, Modern Platform for Government at Oracle.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.