Whenever talk drifts to the cloud, there is always someone who plays the security card. The argument goes that you sacrifice security when you virtualize and move to the cloud. Well, if you subscribe to that argument, you might be surprised to learn that Richard Spires, who is CIO at the United States Department of Homeland Security is moving his agency full speed into a private cloud strategy.
According to an article by Rich Miller (no relation) on the Data Knowledge Center Blog, Spires is a big fan of private cloud computing and has taken steps to build a private cloud environment at the super-secret agency. Miller writes:
“We really are trying to act as a private cloud, moving to a services-based pricing model,” said Spires. “We are early in this, but making good progress.” The current offering includes full virtualization capabilities, a multi-tenant environment, and is paid for as a service. One advantage of the new system is that it makes it easier to manage chargebacks for users within the sprawling DHS purview.”
As I’ve argued here many times, one of the key advantages of a private cloud system is the ability to charge users for the resources they use. Every CIO should be paying attention. If you have the ability to charge users, they are more likely to use those resources wisely and you have a better idea for budgeting purposes just what you need.
Obviously, a large department like DHS needs to worry about the ability to continue to scale (or to provide extra services at a moment’s notice during a crisis). The cloud provides a much more flexible environment to meet the changing needs of an organization with the size and complexity of DHS.
You may recall last week, I wrote about another government-sponsored private cloud initiative run by the Defense Information Agency. The interesting thing about that panel discussion at the MIT CIO Conference in 2009 was that it included a pharmaceutical executive who complained she couldn’t use the cloud because of security issues. The moderator pointed out the obvious irony that the DIA was using it, but the private company executive was claiming she couldn’t.
The fact is, if these agencies dealing with highly sensitive information–much more sensitive than anything you’re likely to deal with in the typical private sector company– can accept any security risks, why can’t you?
What’s more, these agencies recognize that the private cloud bring scalability, accountability and flexibility and these are features are more than marketing buzz words. Spire and Hight both realized they could cut costs, reduce hardware complexity and simplify processes by moving to the cloud.
Spire admits his agency is a little buttoned down to consider a public cloud option, but he is convinced a private cloud is a great way to go for his agency.
Seems if the DIH and DIA are in, you might want to reconsider what’s holding you back and see if your concerns are real or imagined.