Since the cloud-first policy came out in 2011, the federal government has pushed for the use of cloud technologies as a foundation to IT modernization. But cloud alone is not a silver bullet. It must be paired with modern on-premises hardware to maximize benefits.
That’s because although cloud offers many benefits – flexibility and scalability, for instance – it also comes with challenges. Consider that many agencies start small with a cloud solution implementation and then extend it.
“That creates a system of operational complexity caused by supporting multiple environments, especially considering that more than half of federal agencies say that some systems are in the cloud, and two-thirds of agencies use cloud for critical applications,” said Dan Kent, CTO at Red River.
At the same time, however, only a third of federal agencies trust their secured data in the cloud. The federal government has taken actions to help bolster security. The most prominent example of this is the Federal Risk and Authorization Management Program, which has authorized 278 cloud service providers as meeting strict security and maturity requirements since its establishment in 2011.
The National Institute of Standards and Technology’s Cloud Computing Standards Roadmap and encryption standards also guide agencies in security, but the solutions still have to be configured and maintained properly within agencies.
Another tricky aspect is that technology and standards for securing it are fluid. Recognizing this, the federal government switched in 2019 from a cloud-first stance to a cloud smart policy, which embodies “the interdisciplinary approach to IT modernization that the Federal enterprise needs.”
But even that has caveats as use of quantum computing gains traction and the number of threats to the Internet of Things increases.
On-premises servers will always have an edge over public cloud technology when it comes to keeping critical data secure. The newest hardware, like Dell’s EMC PowerEdge servers, offers some advanced security features not found in public cloud solutions:
- Root-of-trust technology to monitor Basic Input/Output System software
- Memory encryption
- Secure encrypted virtualization that encrypts each virtual machine with a unique key known only to the processor
IT modernization is a must. Updating IT infrastructure and servers can make agencies more efficient and cost-effective, enabling them to do more with less while meeting constituents’ 21st century needs.
“In addition to relying on federal standards and guidance, agencies can also take security into their own hands by making sure they partner with cloud service and IT providers that make security as much of a priority as they do,” said Kent.
Red River and Dell Technologies have joined forces to provide end-to-end solutions for agencies looking to optimize their existing infrastructure or explore emerging technologies, such as 5G and artificial intelligence, in the cloud or at the edge.
Paired with basic cyber hygiene steps that agencies can take – regularly performing risk assessments, using multifactor authentication, encrypting data at rest and in transit and continuously monitoring for anomalous behavior – these solutions prepare agencies for today’s top-of-mind issues and tomorrow’s unknowns.
This article is an excerpt from GovLoop’s guide entitled “Your Guide to Becoming an Adaptive Agency.”