Many governments haven't yet made the leap to the cloud due to security concerns — here are a few reassurances.
As elections draw closer and the candidates lay out in increasing detail their visions for the country, we've seen plans arise for economic reform and health-care changes. But no candidate has spoken out about structural reform — how to make the government operate more efficiently. The easiest way to do that? By taking advantage of the same technologies that have transformed almost every other modern industry.
The need to deliver better services at a lower cost is driving every level of government to look for new, more collaborative ways of working. While this need is not new, the tools available to government organizations are. Initiatives to drive greater collaboration — internally between teams and agencies, as well as externally with partners, suppliers and the public — are today being met with a mix of cloud computing, social tools, mobile devices and collaborative work platforms.
While these tools have presented government organizations an opportunity, they also have brought challenges. Most notably, the ability to leverage cloud technologies for collaborative work management in a way that strikes a balance between the very real need to protect sensitive data, and the need to remain proportionate and aligned with wider business goals. In other words, tools cannot compromise on ease of use when programs are increasingly being evaluated and funded based on the public’s and employees' experience.
A recent report by Gartner titled 2015 CIO Agenda: A Government Perspective speaks to this dichotomy. “Infrastructure, analytics and cloud computing are the top three technology priorities for government CIOs in all tiers and regions," the report states, "but the adoption of cloud services in government lags behind other industries.”
The desire for change is clear enough, from multi-agency project coordination and supplier management, through to employees' basic need to sync, share and publish files across desktop and mobile devices. But have governments moved quickly enough? The Gartner report goes on to say that for CIOs in general, “in relatively short order, cloud has moved from a concept, to a possibility, to a viable option,” though only a "small minority" of government CIOs are adopting a cloud-first approach when scoping new projects.
More than two years ago, the UK government actively promoted its position on cloud technology.
“The Cloud First policy will embed the skills a modern civil service needs to meet the demands of 21st-century digital government and help us get ahead in the global race,” said then-Minister for the Cabinet Office Francis Maude.
Similarly, more than three years ago, the U.S. government paper Building a 21st Century Platform to Better Serve the American People concluded that, “Going forward, we must pilot, document and rapidly scale new approaches to secure data and mobile technologies and address privacy concerns. ... Shifting to the cloud is one area of opportunity.”
What, then, is stopping some government bodies from actually taking to the cloud?
The obstacle is security — or the perception of it.
Of CIOs who participated in the Gartner 2015 CIO Agenda research, 91 percent think the digital world creates new types and increased levels of risk in government. In addition, government CIOs are hampered by complex legacy IT environments that must be simplified and modernized.
In independent research that collaboration and project management software vendor Huddle commissioned into public-sector IT practices in the UK, the results show that just 37 percent of central government employees are confident using cloud IT. Furthermore, only a little over half of staff in IT departments are self-assured using cloud platforms, with almost one quarter claiming not to have used one at all. This is a major barrier to effectively implementing many of the government’s service evolution programs, and one that almost certainly also exists in the U.S.
The reason for this uncertainty emanates from fears surrounding security, the time and effort it takes to move to cloud platforms, and a lack of expertise to implement them. Nearly half of central government staff felt their organizations could not see the benefit in cloud computing. But the research also suggests that a huge 93 percent of central government staff share and work on information with external organizations. If this external data collaboration is not taking place via secure cloud platforms, then insecure and inefficient approaches are filling the void — email, post and even couriered hard copies.
Yet the importance of effective security cannot be underestimated. Not just the basic concern of the sensitivity of the data that public-sector bodies hold, but also the degree to which external collaboration features in daily public-sector life.
Public-sector CIOs need to recognize that moving to the cloud is a cultural revolution, as well as a technological evolution. The first step to this is reversing the security fears. A frontline lack of trust in cloud security is the fundamental Achilles’ heel of the wider and faster adoption of public-sector cloud services.
The U.S. government's official FedRAMP certification ensures that cloud services maintain a certain level of quality and security. CIOs who are concerned about the safety of their data or the feasibility of using the cloud can easily use the FedRAMP certification to vet potential solutions and have confidence that their cloud strategy will be appropriately supported.
In addition, seeking out products with certified data centers ensures that any sensitive information an organization is hosting will be stored securely. CIOs must simply look for Statement on Auditing Standards (SAS) 70 Type II and Statement on Standards for Attestation Engagements (SSAE) 16 data center accreditation to put their minds at ease.
If government is willing to harness the power of the cloud, it has the potential to dramatically change the way this country operates for the better ... now it just needs the right person to lead the way.
Never miss a story with the daily Govtech Today Newsletter.