The US Department Of Energy Is Finally Embracing Cloud Technology

The US Department of Energy is Finally Embracing Cloud Technology

A new DOE paper explains how national labs can migrate to the cloud without compromising security.

I’m sure it won’t come as a shock to anyone in the tech industry (or outside it for that matter) that the US government can be slow to adopt new ideas, but the DOE recently released a paper pushing all of its national labs to embrace cloud technology whenever possible.

The white paper, titled Department of Energy National Laboratories and Plants: Leadership in Cloud Computing, actually puts national labs like Fermi Lab and Lawrence Livermore in the position of having to justify not using cloud computing instead of the other way around.

This is partially just getting DOE agencies in line with the federally mandated 25 Point Plan to Reform Federal Information Technology Management, which originally created the ‘cloud first’ policy. Taking a cue from private enterprise, the government realizes that they would be missing out on huge savings if they continued to do all of their IT work in-house. The report specifically says, “A public cloud provider may be the best way to quickly get services to the business without adding trained staff and infrastructure.”

But what might be a simple migration for some government agencies is quite a bit trickier for the DOE because of their highly sensitive responsibilities.

To give you just one example, the DOE is partially responsible for maintaining US nuclear missile silos. Security is more important for them than practically anyone else on the planet.

The DOE cites IT advisory firm Gartner’s list of seven key security issues that need to be taken into account before moving to the cloud:

1.privileged user access
2.regulatory compliance
3.data location
4.data segregation
5.recovery
6.investigative support
7.long-term viability

It’s a pretty thorough list, and asking each national lab and their already busy personnel to tackle security reviews from scratch would result in a lot of duplicated effort, and probably quite a few security oversights as well.

That’s why the DOE is creating E-RAMP, a common framework for evaluating security issues surrounding cloud computing that all DOE agencies can use. Even though national labs have different goals and responsibilities, they will all use E-RAMP guidelines with the assurance that they are staying in line with DOE and federal regulations and using cloud computing responsibly.

I think this is really exciting for three reasons.

First, it’s a huge boost to cloud advocates like myself who are trying to convince businesspeople that cloud computing is safe. If even national labs working with state secrets are starting to use it, surely corporations should feel confident to migrate to the cloud as well.

Second, one of the main reasons that government is slow to adapt is because bureaucrats can be more concerned with playing it safe than getting the best possible results. E-RAMP tells those bureaucrats that they had better get moving to the cloud, but it also lets them know that as long as they follow E-RAMP they aren’t putting their jobs on the line. That’s a powerful combination for getting things done.

Finally, national labs employ thousands of people working on some of the most difficult computational problems in the world. When these groups move, en masse, to cloud computing they are going to create new challenges for the cloud sector to meet.

My regular readers know that I’m mostly interested in how cloud technology impacts the business world, and that’s just as true with this paper. I’m glad that the DOE, and the rest of the federal government, is coming around to the amazing potential of cloud computing, but I’m even more excited about the business opportunities that are just around the corner.

While the white paper itself might not be the most entertaining read, this new policy is going to spur growth and innovation in our industry for years to come and it’s something we should all be happy about.

Further Reading

Department of Energy National Laboratories and Plants: Leadership in Cloud Computing

By Jan Brass

About Jan Brass

Jan is a tech industry veteran and self-described geek. An avid blogger, Jan covers cloud technology news and publishes opinion pieces on cloud computing on her blog, http://janbrass.org.

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

Sorry, comments are closed for this post.

Comics
Cloud-Based Services vs. On-Premises: It’s About More Than Just Dollars

Cloud-Based Services vs. On-Premises: It’s About More Than Just Dollars

Cloud-Based Services vs. On-Premises The surface costs might give you pause, but the cost of diminishing your differentiators is far greater. Will a shift to the cloud save you money? Potential savings are historically the main business driver cited when companies move to the cloud, but it shouldn’t be viewed as a cost-saving exercise. There…

The Fully Aware, Hybrid-Cloud Approach

The Fully Aware, Hybrid-Cloud Approach

Hybrid-Cloud Approach For over 20 years, organizations have been attempting to secure their networks and protect their data. However, have any of their efforts really improved security? Today we hear journalists and industry experts talk about the erosion of the perimeter. Some say it’s squishy, others say it’s spongy, and yet another claims it crunchy.…

Digital Twin And The End Of The Dreaded Product Recall

Digital Twin And The End Of The Dreaded Product Recall

The Digital Twin  How smart factories and connected assets in the emerging Industrial IoT era along with the automation of machine learning and advancement of artificial intelligence can dramatically change the manufacturing process and put an end to the dreaded product recalls in the future. In recent news, Samsung Electronics Co. has initiated a global…

Using Private Cloud Architecture For Multi-Tier Applications

Using Private Cloud Architecture For Multi-Tier Applications

Cloud Architecture These days, Multi-Tier Applications are the norm. From SharePoint’s front-end/back-end configuration, to LAMP-based websites using multiple servers to handle different functions, a multitude of apps require public and private-facing components to work in tandem. Placing these apps in entirely public-facing platforms and networks simplifies the process, but at the cost of security vulnerabilities. Locating everything…

Achieving Network Security In The IoT

Achieving Network Security In The IoT

Security In The IoT The network security market is experiencing a pressing and transformative change, especially around access control and orchestration. Although it has been mature for decades, the network security market had to transform rapidly with the advent of the BYOD trend and emergence of the cloud, which swept enterprises a few years ago.…

Cloud Security Risks: The Top 8 According To ENISA

Cloud Security Risks: The Top 8 According To ENISA

Cloud Security Risks Does cloud security risks ever bother you? It would be weird if it didn’t. Cloud computing has a lot of benefits, but also a lot of risks if done in the wrong way. So what are the most important risks? The European Network Information Security Agency did extensive research on that, and…

2017 Brings DLP Technology and IoT’s Weaknesses to Light

2017 Brings DLP Technology and IoT’s Weaknesses to Light

DLP Technology In regards to data loss prevention (DLP), in the last five years many companies rushed to implement DLP solutions without taking the time to first identify the data that should not transit egress points. Most of these rushed implementations have not been successful. Security analysts, in particular 451 Research, have been recommending that…

Are Cloud Solutions Secure Enough Out-of-the-box?

Are Cloud Solutions Secure Enough Out-of-the-box?

Out-of-the-box Cloud Solutions Although people may argue that data is not safe in the Cloud because using cloud infrastructure requires trusting another party to look after mission critical data, cloud services actually are more secure than legacy systems. In fact, a recent study on the state of cloud security in the enterprise market revealed that…

5 Things To Consider About Your Next Enterprise Sharing Solution

5 Things To Consider About Your Next Enterprise Sharing Solution

Enterprise File Sharing Solution Businesses have varying file sharing needs. Large, multi-regional businesses need to synchronize folders across a large number of sites, whereas small businesses may only need to support a handful of users in a single site. Construction or advertising firms require sharing and collaboration with very large (several Gigabytes) files. Financial services…