How government can securely move IT systems to the cloud

Shutterstock image (by Jozsef Bagota): Blue cloud speech bubbles 

While IT leaders in all industries value their data, public sector data can be among the most important to protect. This makes transitioning agency IT systems to the cloud an especially sensitive and challenging endeavor.

Analyst firm IDC reports that the market for worldwide cloud enterprise applications grew by 19.7 percent in 2015 and reached a total size of $34.5 billion. Yet as the threat landscape continues to evolve, data vulnerability is increasing. In addition to the financial implications, security breaches hold the potential of damaging an agency's reputation and operations. With such high stakes, organizations must maintain an unrelenting focus on data security going forward.

It's important to remember, however, that a move to the cloud can come with vulnerabilities as well as opportunities If not done properly, cloud migrations can result in unexpected costs, failure to comply with regulatory measures and exposing the organization – and its most valuable asset – citizen data. Despite these risks, though, a majority are planning to move forward with the transition.   

How can government organizations ensure a smooth – and secure – transition to the cloud?

Smart IT decision makers are culling from a few key best practices, based on the learnings of organizations that have been down this path before. Here is a checklist of "must dos" that any government organization considering a move to the cloud should keep in mind:

  • Secure Applications from End-to-End: While many traditional security offerings were designed for client/server systems, they were not designed to control decisions in the database -- thereby exposing databases to vulnerabilities. Agencies should look for end-to-end security solutions that manage application security for application users -- not database users.
  • Make Sure it's a Match: When migrating to the cloud, public sector organizations must take a look at their needs and how they align with their vendors. Thing to consider: Do you share the same point of view on security? Do the vendors understand your business objectives? Is it better to go with a small vendor or a large shop?
  • Expect the Unexpected: Last but not least, the most successful agencies plan ahead. With security breaches on the rise, an attack can occur anywhere and at any time. The organizations that are most poised for success have a plan outlining exactly what to do if and when a breach occurs.

The journey to the cloud is never easy. But with a few considerations, it doesn't have to be complicated. Simply put -- to be successful, plan ahead, weigh the options and expect the unexpected.

About the Author

Mark Johnson is Director, Modern Platform for Government at Oracle.


  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.