Comment

How government can securely move IT systems to the cloud

Shutterstock image (by Jozsef Bagota): Blue cloud speech bubbles 

While IT leaders in all industries value their data, public sector data can be among the most important to protect. This makes transitioning agency IT systems to the cloud an especially sensitive and challenging endeavor.

Analyst firm IDC reports that the market for worldwide cloud enterprise applications grew by 19.7 percent in 2015 and reached a total size of $34.5 billion. Yet as the threat landscape continues to evolve, data vulnerability is increasing. In addition to the financial implications, security breaches hold the potential of damaging an agency's reputation and operations. With such high stakes, organizations must maintain an unrelenting focus on data security going forward.

It's important to remember, however, that a move to the cloud can come with vulnerabilities as well as opportunities If not done properly, cloud migrations can result in unexpected costs, failure to comply with regulatory measures and exposing the organization – and its most valuable asset – citizen data. Despite these risks, though, a majority are planning to move forward with the transition.   

How can government organizations ensure a smooth – and secure – transition to the cloud?

Smart IT decision makers are culling from a few key best practices, based on the learnings of organizations that have been down this path before. Here is a checklist of "must dos" that any government organization considering a move to the cloud should keep in mind:

  • Secure Applications from End-to-End: While many traditional security offerings were designed for client/server systems, they were not designed to control decisions in the database -- thereby exposing databases to vulnerabilities. Agencies should look for end-to-end security solutions that manage application security for application users -- not database users.
  • Make Sure it's a Match: When migrating to the cloud, public sector organizations must take a look at their needs and how they align with their vendors. Thing to consider: Do you share the same point of view on security? Do the vendors understand your business objectives? Is it better to go with a small vendor or a large shop?
  • Expect the Unexpected: Last but not least, the most successful agencies plan ahead. With security breaches on the rise, an attack can occur anywhere and at any time. The organizations that are most poised for success have a plan outlining exactly what to do if and when a breach occurs.

The journey to the cloud is never easy. But with a few considerations, it doesn't have to be complicated. Simply put -- to be successful, plan ahead, weigh the options and expect the unexpected.

About the Author

Mark Johnson is Director, Modern Platform for Government at Oracle.

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.