Cloud-phobia is very real, especially in national security. Even mentioning the term can stop public safety leaders dead in their tracks. To them it means unproven, vulnerable, insecure, and risky. Like any emerging technology or computing method, security and defense leaders are viewing it with caution, which is understandable given their responsibility to protect data critical to their country’s national security and economic stability. But cloud computing comes in a variety of different forms, and emerging private cloud options often provide a compelling mix of military-grade customized security, cost savings, and efficiency benefits.
In my discussions with security leaders, I don’t tackle cloud-phobia head-on; in fact, I don’t even mention the word. Instead, we talk about their needs, and what cloud really means. Essentially we are talking about computing resources delivered as a service, over a network (usually the Internet). It means self-service access to applications from nearly any location, scalability to meet peaks and valleys in demand, far lower IT management costs and improved information sharing. And customers get to pay as they go, and only for what they use – like buying a cell phone plan instead of building and maintaining a wireless network.
Cloud typically means that you’re partnering with an organization like Microsoft to host your data, which is a big adjustment, especially in national security. In public clouds, data from various organizations is managed within data centers owned by a third-party. Public clouds typically don’t cut the mustard with national security leaders because of the lower security standards and the fact that their data is being mixed with data from consumer and commercial entities. But a private cloud ensures that the entire computing infrastructure is dedicated solely to your organization.
The first private cloud option still involves a hosting partner like Microsoft, but because the environment is dedicated to one organization, it can be customized to meet the unique security and privacy needs of that organization. Microsoft can build a military-grade private cloud infrastructure specifically for your national security agency, and you can determine who has access to the facility, who has access to the data, and how the information is being secured. In the end your agency gets a private data center, staffed by your people, without the traditional costs associated with building and managing it.
We realize that trusting a partner to host your data isn’t what most national security organizations are used to, or even ready for. But even those organizations should examine building their own private cloud, hosted on-premise within their own data centers, and delivered through their own internal network. A great example of this comes from the Defense Information Systems Agency (DISA) in the U.S., which built its own private cloud to host Microsoft Office applications and other services. The U.S. Army is currently one of DISA’s tenants.
The other key point is that cloud isn’t an all-or-nothing proposition. Some workloads like email or collaboration tools might make more sense in the cloud than more sensitive data. Most government organizations will be running hybrid IT environments made up of both cloud and on-premise resources for the foreseeable future. We know the stakes are higher in national security and defense, but don’t let cloud-phobia limit your options. You might find that the private cloud lets you reap the cost-savings and efficiency benefits without sacrificing security. So now you can have your cake and eat it too.
Have a comment or opinion on this post or a question for the author? Let me know @MicrosoftPSNS or email us at firstname.lastname@example.org.