A white paper was released last Tuesday that was co-authored by NJVC vice president and general manager Kevin L. Jackson highlighting the risks and benefits of cloud computing for the intelligence community.
The white paper “Cloud Computing: Risks, Benefits and Mission Enhancement for the Intelligence Community,” was released by INSA, in conjunction with Government Executive magazine, at a cloud computing panel discussion at the National Press Club in Washington.
“The expertise of Kevin Jackson and NJVC in the IC market was hugely beneficial to the INSA white paper development team,” said Bob Gourley, task force chairman and founder and CTO of Crucial Point, LLC. “The government-industry collaboration demonstrated by this study serves as an important model for us all. I thank everyone involved for their individual contributions in support of the whole.”
The white paper was developed by Jackson and other members of INSA’s Cloud Computing Task Force and was based on information collected from more than 50 interviews with cloud thought leaders and policy makers in the public and private sectors.
The white paper found:
- IC decision-makers are focused on the business model implications of cloud computing, which represents a new approach in the provisioning and consumption of IT.
- For the IC, the decision to move to the cloud must be focused on “mission enablement” on a case-by-case basis. Cost savings must also consider the entire IT lifecycle, not periodic budget cycles.
- Information security must be baked into the cloud computing architecture from the very beginning.
- The type of cloud model adopted by an IC agency is directly related to the sensitivity of its data.
- IC agencies looking to migrate to the cloud must also consider “impacts on organizational culture.”
- Adoption of cloud computing may improve the way IC agencies procure IT services, software and hardware.
- “Thoughtful federal input” about emerging cloud computing standards (e.g., FedRAMP) can contribute to the cloud’s security and cost efficiencies. An IC-based cloud architecture also must be able to support multiple standards.
- Sharing lessons learned from the IT industry, private sector and academia is essential to reducing cloud computing risk in the IC.