Although cloud security has improved tremendously over the years, public cloud still gives some federal IT managers pause.
To at least some federal IT managers, the idea of trusting sensitive data to a public cloud provider is not much more appealing than spending a night in an abandoned house while being stalked by Stephen King’s Pennywise or some other evil clown (really, is there any other kind?)
The loss of control over their data and the necessity to trust an outside entity to maintain tight security is a bridge too far for many. Indeed, a recent survey found that only 36 percent of federal IT professionals would be comfortable entrusting mission-specific apps to a public cloud.
Meanwhile, a slightly older study from Meritalk, commissioned in part by Cisco, found that 75 percent of federal agencies would like to move more services to the cloud, but are concerned about retaining control over their data.
Federal agencies have more constraints on cloud than do private-sector organizations. Any cloud solution an agency deploys must be FedRAMP-authorized. FedRAMP, or Federal Risk and Management Authorization Program, requires solutions to meet minimum security standards.
FedRAMP isn’t required for state and local government organizations, but many of them rely on it too, as an alternative to performing their own security evaluations.
While the list of offerings that have been evaluated under the program is growing, it remains limited.
For federal IT leaders trying to balance security and agility, a hybrid cloud often provides an ideal solution. In a hybrid cloud, workloads can run in your data center or in the cloud; you decide which is more suitable for a given situation. The hybrid cloud can be said to provide the security of a data center and the agility of a public cloud. Moreover, depending on the configuration and systems chosen, administrators can often manage the multiple clouds from a single interface.
When powered by advanced technology such as Cisco’s HyperFlex Systems (learn more here), hybrid cloud addresses many of the concerns that IT professionals express about public cloud environments.
No more evil clowns.