The speed of government cloud adoption and authorization is both good and bad, depending on which agency is asked, according to panelists at Dell EMC World.
“Some of the slowness works to our advantage,” said Annette Moore, acting director and acting CIO at the NASA Johnson Space Center. “In instances it certainly does not.”
According to Moore, when working with programs in which the efficacy could affect human lives in space, slower evaluation times that offer less risk can be advantageous.
“I don’t have the option of entering into a risk conversation for human space exploration in terms of what my capacity is,” Moore explained.
Environmental Protection Agency (EPA) CIO Ann Dunkin, however, said that the slower process of Federal cloud offerings can be detrimental to agencies, as it requires them to wait longer for technology and services that are already available in the private sector.
“I don’t think the Federal cloud in most cases is keeping up with the commercial space,” Dunkin said. “I think there are times when our insistence on the Federal cloud is a little ridiculous.”
Dunkin acknowledged that the Department of Defense (DoD) or intelligence agencies would likely need more extensive security requirements for their data, but that most of the data collected by the EPA, for example, does not require that level of security.
“It’s just like the overclassification problem we sometimes have. People are so worried about protecting the data that they lose track of what data actually should be protected and how it should be protected,” Dunkin said.
The increased concern over data security is then rolling over to the private sector, which is asked to meet higher security requirements for less sensitive data.
“We’re seeing increasing requirements for not only classified but sensitive systems, and the controls to be treated as if they were classified systems,” said David Gagliano, vice president and CTO of General Dynamics Information Technology Global Solutions Division.
On the DoD’s more secure side of requirements, there is still some lack of clarity about which types of cloud offerings are the most appropriate, according to Rick Piña, principal technologist for the DoD at World Wide Technology and former CTO of the U.S. Army.
“The good part is that there are now some controls and checks and guidance in this, some type of opportunity,” said Piña. “The challenge is that, really, you haven’t seen, from a DoD perspective, real true clarity on which way is going to be the way.”
All four panelists agreed that the cloud adoption process is largely in its infancy for most agencies, and that a greater understanding of how government cloud should work would come with time.
“We are at the infancy in this journey,” said Gagliano.