The US Department of Energy is Finally Embracing Cloud Technology
A new DOE paper explains how national labs can migrate to the cloud without compromising security.
I’m sure it won’t come as a shock to anyone in the tech industry (or outside it for that matter) that the US government can be slow to adopt new ideas, but the DOE recently released a paper pushing all of its national labs to embrace cloud technology whenever possible.
The white paper, titled Department of Energy National Laboratories and Plants: Leadership in Cloud Computing, actually puts national labs like Fermi Lab and Lawrence Livermore in the position of having to justify not using cloud computing instead of the other way around.
This is partially just getting DOE agencies in line with the federally mandated 25 Point Plan to Reform Federal Information Technology Management, which originally created the ‘cloud first’ policy. Taking a cue from private enterprise, the government realizes that they would be missing out on huge savings if they continued to do all of their IT work in-house. The report specifically says, “A public cloud provider may be the best way to quickly get services to the business without adding trained staff and infrastructure.”
But what might be a simple migration for some government agencies is quite a bit trickier for the DOE because of their highly sensitive responsibilities.
To give you just one example, the DOE is partially responsible for maintaining US nuclear missile silos. Security is more important for them than practically anyone else on the planet.
The DOE cites IT advisory firm Gartner’s list of seven key security issues that need to be taken into account before moving to the cloud:
1.privileged user access
It’s a pretty thorough list, and asking each national lab and their already busy personnel to tackle security reviews from scratch would result in a lot of duplicated effort, and probably quite a few security oversights as well.
That’s why the DOE is creating E-RAMP, a common framework for evaluating security issues surrounding cloud computing that all DOE agencies can use. Even though national labs have different goals and responsibilities, they will all use E-RAMP guidelines with the assurance that they are staying in line with DOE and federal regulations and using cloud computing responsibly.
I think this is really exciting for three reasons.
First, it’s a huge boost to cloud advocates like myself who are trying to convince businesspeople that cloud computing is safe. If even national labs working with state secrets are starting to use it, surely corporations should feel confident to migrate to the cloud as well.
Second, one of the main reasons that government is slow to adapt is because bureaucrats can be more concerned with playing it safe than getting the best possible results. E-RAMP tells those bureaucrats that they had better get moving to the cloud, but it also lets them know that as long as they follow E-RAMP they aren’t putting their jobs on the line. That’s a powerful combination for getting things done.
Finally, national labs employ thousands of people working on some of the most difficult computational problems in the world. When these groups move, en masse, to cloud computing they are going to create new challenges for the cloud sector to meet.
My regular readers know that I’m mostly interested in how cloud technology impacts the business world, and that’s just as true with this paper. I’m glad that the DOE, and the rest of the federal government, is coming around to the amazing potential of cloud computing, but I’m even more excited about the business opportunities that are just around the corner.
While the white paper itself might not be the most entertaining read, this new policy is going to spur growth and innovation in our industry for years to come and it’s something we should all be happy about.
By Jan Brass
About Jan Brass
Jan is a tech industry veteran and self-described geek. An avid blogger, Jan covers cloud technology news and publishes opinion pieces on cloud computing on her blog, http://janbrass.org.
- Controversial Chinese Cybersecurity Law Under Review Again - June 28, 2016
- Data Protection and Session Fixation Attacks - June 27, 2016
- 15 Cloud Data Performance Monitoring Companies - June 21, 2016
- Cross-Site Scripting – Why Is It A Serious Security Threat For Big Data Applications? - June 21, 2016
- What’s Ahead For Predictive Analytics And Why It Matters For Businesses - June 17, 2016