The COVID-19 pandemic has pushed federal agencies to accelerate decades of technological change into a matter of weeks or months, leading to large-scale innovation. At the center of these quick transformations are cloud services. According to a Bloomberg Government report, federal agencies are on track to spend $7.1 billion in cloud-related investments in 2020.
To assess the future of government contracting and cloud services in a post-pandemic world, WashingtonExec asked Casepoint Vice President of Public Sector Amy Hilbert about COVID-19’s current impact on cloud services, related emerging security concerns, and how cloud capabilities help agencies fulfill critical missions. Hilbert also discusses the status of a cloud solution pilot project with the Securities and Exchange Commission.
How has the pandemic ushered in a new era of government contracting and cloud services?
I think the pandemic has helped drive home the need for contracting to be more nimble so agencies can procure the services they need to meet evolving demands and respond effectively in a crisis.
What security concerns have emerged as a result?
There are more people accessing data from home. This results in increased risk because they are accessing data from a less controlled environment and may be working on their own devices — not just devices owned by the government. Also, when you aren’t surrounded by the visual reminders of security requirements — as you typically are working in a government building — you may be more likely to let your guard down.
Why are cloud services at the center of the accelerated federal IT modernization efforts during COVID?
COVID has helped push agencies to prioritize moving to the cloud. The trend had already started before COVID, but the need became more real with the pandemic. For example, some of the smaller agencies (especially state and local) that I talked to had outdated on-premise solutions and were not able to access data needed for active litigation. They were scrambling to find a way to quickly procure a cloud-based solution, but faced challenges with the procurement cycle. Some were able to get around this with emergency orders or lower-dollar procurements, but some were just stuck.
Do these cloud services also help to minimize those security concerns?
Yes, for many reasons. Data stays in one place (especially if you have an end-to-end solution like Casepoint). It isn’t being passed around on physical media, emailed or loaded into multiple systems. In a cloud environment, security controls are in place to include extra authentication methods, restrict IP addresses, monitor traffic and audit user activity. Roles and permissions can also be set up to control what users can do with the data — for example, you may want only a limited number of users to be able export or print data.
In your position, has your approach to innovation and IT modernization shifted during COVID as you work with public sector customers? Are these changes here to stay?
The pandemic has forced us to reinvent how we function professionally and personally. Outreach, finding creative ways to connect, patience, and understanding have become more important. Those who are more solution focused and able to quickly pivot will be more successful.
How do you recommend agencies make the most of available cloud technology to build a future-proof cloud security culture in a pandemic/post-pandemic world?
COVID is changing how we work, and right now, it looks like it’s going to take some time for things to get back to normal. Many companies are already moving to a fully remote model as we have in Casepoint. Here are a couple of things I would highly recommend:
- Pay special attention to endpoint security, including multifactor authentication, secure cloud gateway and data loss prevention tools — and embrace the zero trust model.
- Now more than ever, it is essential for people to implement cloud technology cautiously, performing vendor risk assessments, providing continuous security training for end users regarding threats like phishing campaigns, and conducting special training for privileged users.
Why is this culture particularly vital as threats of a potential “cyber-pandemic” loom on the horizon?
With more and more users staying remote and embracing a fully virtual model, we need to recognize that this new environment brings its own challenges, like keeping computers up to date with security patches, addressing vulnerabilities with web conference software, accounting for USB access on end-users’ computers, and dealing with increasing numbers of COVID phishing campaigns. As people experience higher levels of stress these days, they are more vulnerable to making mistakes that would not have happened in a regular scenario.
On the other hand, companies that had already embraced cloud technologies before the pandemic have already addressed many of the above scenarios so their transition to pandemic-imposed changes to the work environment have been a lot easier.
Are these cloud capabilities also helping government agencies in unexpected ways, along with COVID response and impact?
For the many agencies that had already embraced cloud technology, the transition to remote work was definitely easier, since their employees require only a stable internet connection to work. It’s also important to remember that by making the transition, we are helping each other and reducing risks for all.
In the beginning of remote work, before the pandemic, there were sometimes issues with speed, connectivity and collaboration tools. Now that everyone is working from home (including executive-level managers) and dealing with these challenges daily, I have seen surprising improvements, whereas the response before would have been, “That’s just the way it is.”
A crucial capability of the cloud for agencies during the pandemic has been the ability to easily flex up and down when required in a short period of time. Cloud computing not only improves access from anywhere, but is also quickly scalable and secure.
What does the future of IT modernization look like as adoption of these cloud capabilities continue?
Back to the theme of reinvention: Technology and agencies will need to be agile. I think the days of vendor “lock-in” will fade away as procurement becomes more nimble and government resistance to change erodes. Vendors will need to stay ahead and make sure they are evolving to solve tomorrow’s problems, not just meet the challenges from four years ago.
How does Casepoint’s pilot project with the SEC to move its eDiscovery to the cloud exemplify the potential and benefits of cloud capabilities?
The SEC pilot project has been able to continue moving forward during the COVID crisis with no negative impact on performance. If we had been implementing an on-premise solution during this period, we would likely have experienced implementation and deployment delays. With a cloud solution we are able to deploy enhancements and patches monthly without any impact to SEC’s daily operations. The environment has scaled seamlessly to support the expansion of data and users.