Skip to content

Cloud Security in the Federal Sector: What’s the Right Strategy?

May 6, 2011

Earlier in The Situational Room, “See Clouds, Look for Rain,” April 22, 2011, John Linkous discussed issues associated with the Amazon cloud service outage.  I would like to explore one aspect of this outage he did not address at length, though it was briefly discussed in The Situational Room, “2011 Security Prediction #2: Insecurity in the FrankenCloud,” January 5, 2011: Just how many or much of a company’s or government entity’s mission critical applications or data should be placed in the cloud?

Most people do not attempt to argue the inherent security or cost effectiveness afforded by the cloud, as the cloud’s enhanced security and reduced costs versus dispersed operations are well documented.  Rather they argue the operational effectiveness, particularly for remote operational elements, as the reason for not moving applications and data to the cloud.  Rather than taking an “all or nothing” approach, companies and organizations should evaluate the operational risk (not risk management – that is a fiscal approach), propensity for lost operations, security, and cost to operations.  A hybrid solution that balances all factors permit the company or organization to morph their infrastructure, processes and people based on where they are in their business cycle.

Particularly for the U.S. military’s operating forces, no compelling reason exists that they cannot work within their home station environment to “train as they fight” to operate and secure networks.  What is lacking today is the doctrine and guidance to execute that strategy.

No comments yet

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: