,

US State Department Considers Cloud Computing

(First posted on “Cloud Musings on Forbes“)

Today I spent six hours in downtown DC at the first quarterly technology educational seminar and IT Expo to be held by the U.S. Department of State’s Bureau of Information Resource Management. Keeping with the bureau’s mission “to empower diplomacy, consular services, and development, by providing access to information and technology solutions anytime and anywhere”, the focus of this inaugural event was cloud computing. Speakers included State Department CIO Susan Swart and Ken Rogers, Director of IRM/BMP/SPO

As stated in the event announcement, the Department of State is committed to pursuing a “Cloud First” strategy as outlined in the Federal CIO’s 25 Point IT Reforms . Cloud Computing is also a key goal of the Department’s IT Strategic Plan (ITSP). The Department also plans to take full advantage of cloud computing by refining its approach to risk management as outlined by the Federal Risk and Authorization Management Program (FedRAMP).

State Department Cloud Computing Goal

FedRAMP has been established to provide a standard approach to Assessing and Authorizing (A&A) cloud computing services and products. It allows joint authorizations and continuous security monitoring services for Government and commercial cloud computing systems intended for multi-agency use. Joint authorization of cloud providers results in a common security risk model that can be leveraged across the Federal Government. The use of this common security risk model provides a consistent baseline for Cloud based technologies. This common baseline ensures that the benefits of cloud-based technologies are effectively integrated across the various cloud computing solutions currently proposed within the government. The risk model will also enable the government to “approve once, and use often” by ensuring multiple agencies gain the benefit and insight of the FedRAMP’s Authorization and access to service provider’s authorization packages.

State Department is also in the planning stages of creating a private cloud model which builds on several initiatives already underway (e.g. Virtualization, Enterprise Server Operations Centers East/West, and applications such as global SharePoint services) which provide building blocks of cloud computing, but enable them to retain their internal networking security posture. According to the Federal Cloud Computing Strategy, State is expected to spend approximately $1B on cloud computing.

Cloud Musings

Leave a Comment

Leave a comment

Leave a Reply