When I hear many government executives talk about cloud computing today, they still express a view that cloud computing is in their future but the timing is very vague. Some have undertaken limited cloud initiatives but too many have not. But of course this hesitancy to adopt a new technology is not without precedent.
Back around the turn of the century, when I was still an executive in government, I pulled together a group of appropriate individuals to develop a strategy for accepting tax payments electronically over the internet. The only detail of that meeting which I recall is that the representative of the security office got very angry. She declared that the internet was not secure, that the government would never use the internet for payments, and then stormed out of the room. That was not such a crazy view at the time. The widely available public internet was only about 10 years’ old and the commonly held view in both government and the private sector was that the it was not safe enough for such transactions. But there were people willing to ask the question “how can we do it safely?” and now we not only accept, but expect that we can use the internet for all forms of financial transactions.
In its early days, cloud computing, like the early stage internet, raised many questions in terms of security and privacy risks. Also like the internet, it has matured rapidly and now is the time for governments to be asking the “how can we do it safely?” question and move forward. As all know, we continually face system security risks and challenges. But this is not just true of cloud solutions. Thus governments should not expect to wait until cloud computing is “perfect” to take advantage of the flexibility, adaptability and cost efficiency cloud offers. The financial challenges for government are not going away and delays in taking advantage of the latest technologies only exacerbate the problem.
Both access control and data protection for cloud computing have advanced significantly since those concerns of the early days. Like the business community, governments should approach any technology with appropriate caution. It is reasonable to expect that most government departments will initially implement government only private clouds. But soon thereafter they will likely move to hybrid clouds, mixing private and public clouds based upon the sensitivity of the applications and data involved.
But the challenge here is for governments to stop hesitating and begin the work involved in moving to a cloud-based environment. For more information on the information management challenges around cloud computing, this document (http://ibm.co/29IMcVl) would be helpful. For understanding the state of the technology and how the security works, this site (http://ibm.co/29JhNVJ) provides useful insights.