Assessing Pentagon cloud computing

Dec 31, 2015

Cloud Security 2.jpgThe value of cloud computing has been hotly debated in government circles. From a budget and efficiency perspective, there are big opportunities for improved data center consolidation, and wider avenues for enhanced collaboration within and among various agencies. Thus far, the only significant setback to adoption has been related to concerns about cybersecurity. Many agencies remain wary of their own ability to safeguard data that lives in the cloud.

Nevertheless, government cloud migration is ongoing, and recent studies suggest that federal spending on cloud technology is slated to reach $6.2 billion by the 2020 fiscal year. As this happens, federal IT leaders can expect a fair amount of back-and-forth when it comes to clearly outlining cloud policies. 

The most recent example of this came out of the U.S. military headquarters. 

A situation in the Pentagon

A new report from the Inspector General of the Department of Defense that honed in on the Pentagon's cloud policy identified a few red flags. According to Federal News Radio, the DoD chief information officer failed to develop a clear outline of what cloud computing within the agency entails. Rather the report states that the CIO defers to the definition of cloud computing as explained by the National Institute of Standards and Technology. This definition is fairly general, and illustrates the core concepts of cloud computing, but it is not necessarily contextual. 

"Without a standard, department-wide definition for cloud computing, DoD components do not consistently identify their use of cloud computing services," the report stated.

More importantly, the report also mentioned that the CIO did not create any sort of storage system for depositing cloud service provider contracts. This lack of organization makes it difficult for the value of cloud computing within the department to be accurately assessed. 

"DoD's ability to track cloud computing cost savings, and benefits is greatly limited if DoD is not aware what cloud computing service contracts exist within DoD," the report stated.

The benefits of cloud computing must outweigh the risks

The main problem with the Pentagon's current cloud policy is that it becomes very difficult to prove whether or not government cloud computing is cost-efficient. Improved collaboration is a big benefit to cloud computing, Similarly, as smart cities and enterprise mobility continue to be realized, it would behoove government organizations to have strong virtual networks that are conducive remote data sharing and sending. However, cloud computing has primarily been touted by its proponents for its cost-saving potential. Therefore, ensuring that every DoD contract with cloud vendors is meticulously filed and accessible for future cost-benefit assessments should be a priority. In terms of wider-spread adoption, these contracts are also important in determining that the boons of cloud computing do in fact outweigh potential, and much debated, cybersecurity risks. 

The Inspector General has made several recommendations for the DoD going forward. Firstly, it has requested a clear, department-wide definition of cloud computing, or for a more detailed explanation of the NIST's current definition. On this count, the DoD CIO was not agreeable.

Secondly, the report recommended creating a more comprehensive storage system for cloud computing contracts, so that specific details regarding cloud services are more transparent. The DoD responded, claiming that it has improved its ability to gather important details related to cloud-service contracts, which may help the department get a better gauge of its cloud strategy now and in the future. 

Category: Cloud Computing