Cloud cuts both ways when it comes to cybersecurity

July 19, 2011
FedCyber Wire, Technology
No Comment

via Defense Systems

The increasing availability of options in cloud computing are making the strategy more appealing to many government agencies, but the unique security demands of the Defense Department and related organizations require extra attention to cyber safety.

However, the growing cloud movement might help drive efficiency and improve defense IT operations, a panel of federal officials said July 15 at the AFCEA Cybersecurity Symposium in Washington.

“There are a lot of promises out there of cloud computing ‘reducing costs ten-fold’ or ‘savings of 50 percent’ – but we have to make it operationally beneficial,” said Dave Mihelcic, Defense Information Systems Agency chief technology officer.

He added that elasticity and scalability of any cloud system would be critical, but that the benefits of pooling resources could help avoid wasted capital.

For a cloud approach to work for cybersecurity, there must be a number of precautions and considerations taken before any action, panel members said.

Daud Santosa, chief technology officer at the Interior Department’s National Business Center, said any cloud policy must align with both the mission and business IT systems – a tenet that sometimes seems to get lost in the zeal to implement new technologies and strategies.

“We have forgotten Computer Science 101 – we have to look back at the basic architecture, considering the complexities before we even begin,” Santosa said. “You must plan security at the beginning, not at the middle or end. And you have to balance the security risks with budget constraints, and that’s very difficult.”

Still, the move toward cloud solutions is a driver for federal IT, Santosa said.

“Cloud will force the future of software [requirements],” including the ability to scale quickly, he said.

Continued here.