How government can securely move IT systems to the cloud

Shutterstock image (by Jozsef Bagota): Blue cloud speech bubbles 

While IT leaders in all industries value their data, public sector data can be among the most important to protect. This makes transitioning agency IT systems to the cloud an especially sensitive and challenging endeavor.

Analyst firm IDC reports that the market for worldwide cloud enterprise applications grew by 19.7 percent in 2015 and reached a total size of $34.5 billion. Yet as the threat landscape continues to evolve, data vulnerability is increasing. In addition to the financial implications, security breaches hold the potential of damaging an agency's reputation and operations. With such high stakes, organizations must maintain an unrelenting focus on data security going forward.

It's important to remember, however, that a move to the cloud can come with vulnerabilities as well as opportunities If not done properly, cloud migrations can result in unexpected costs, failure to comply with regulatory measures and exposing the organization – and its most valuable asset – citizen data. Despite these risks, though, a majority are planning to move forward with the transition.   

How can government organizations ensure a smooth – and secure – transition to the cloud?

Smart IT decision makers are culling from a few key best practices, based on the learnings of organizations that have been down this path before. Here is a checklist of "must dos" that any government organization considering a move to the cloud should keep in mind:

  • Secure Applications from End-to-End: While many traditional security offerings were designed for client/server systems, they were not designed to control decisions in the database -- thereby exposing databases to vulnerabilities. Agencies should look for end-to-end security solutions that manage application security for application users -- not database users.
  • Make Sure it's a Match: When migrating to the cloud, public sector organizations must take a look at their needs and how they align with their vendors. Thing to consider: Do you share the same point of view on security? Do the vendors understand your business objectives? Is it better to go with a small vendor or a large shop?
  • Expect the Unexpected: Last but not least, the most successful agencies plan ahead. With security breaches on the rise, an attack can occur anywhere and at any time. The organizations that are most poised for success have a plan outlining exactly what to do if and when a breach occurs.

The journey to the cloud is never easy. But with a few considerations, it doesn't have to be complicated. Simply put -- to be successful, plan ahead, weigh the options and expect the unexpected.

About the Author

Mark Johnson is Director, Modern Platform for Government at Oracle.


  • Workforce
    Shutterstock image 1658927440 By Deliris masks in office coronavirus covid19

    White House orders federal contractors vaccinated by Dec. 8

    New COVID-19 guidance directs federal contractors and subcontractors to make sure their employees are vaccinated — the latest in a series of new vaccine requirements the White House has been rolling out in recent weeks.

  • FCW Perspectives
    remote workers (elenabsl/

    Post-pandemic IT leadership

    The rush to maximum telework did more than showcase the importance of IT -- it also forced them to rethink their own operations.

Stay Connected