Agencies will take what they learn about cloud computing and use it to form tighter safeguards for sensitive information, official says.
Agencies’ initial cloud-computing projects will use information that’s publicly available as the test bed for modernizing the government's data storage, an official has said.
This summer, information technology officials will begin forming strategies on how to use cloud computing with more sensitive data, such as personally identifiable information, health records, and eventually classified data and top-secret intelligence, said Casey Coleman, chief information officer at the General Services Administration, after a speech at the Congressional Procurement Conference and Expo on May 13.
Cloud computing is an arrangement in which an organization pays a service provider to deliver applications, computing power and storage via the Web.
Agencies will test their computing models with publicly available information, such as the White House's Web forums or some spending data on USAspending.gov. That data doesn’t have the compliance regulations that govern sensitive data, and officials can use it to learn what works and what doesn’t work in cloud computing, Coleman said.
Cloud computing isn’t new; the Bush administration and the CIO Council have worked with it, but the Obama administration will speed up its evolution throughout the government, Coleman said. New federal CIO Vivek Kundra intends to shrink the number of IT initiatives and concentrate on those fewer initiatives. Cloud computing will be a top priority for Kundra, she said.
The White House is already pushing agencies to launch pilot projects based on a cloud-computing model, according to its fiscal 2010 budget proposal. Pilot projects would address the risks and new policies required to institute the emerging technology, the document states. Securing a traditional data center at an agency is different from securing a cloud-computing network in which computer servers are often owned and operated by a third party. However, an agency could be a service provider, such as the Defense Information Systems Agency and its Rapid Access Computing Environment, Coleman said.
Cloud computing can enhance security for agencies, Coleman said. Often, several agencies have tight safeguards around their information, while other agencies with more general data might not have the same level of security. Cloud computing can increase the overall security for agencies if the information stored in the same safely guarded cloud, she said.
However, she added that there are risks. Problems have arisen in the past when agencies shared information, and she said officials need to find ways to minimize those risks.
“The federal community will need to actively put in place new security measures which will allow dynamic application use and information-sharing to be implemented in a secure fashion,” the budget document states.
NEXT STORY: Leading the Army's technology charge