Happy Friday, Federal friends! I hope everyone had a festive Halloween! According to the commercials I've been seeing on starting on 11/1 I guess we're skipping Thanksgiving this year and jumping right into the Holiday Season...
So the time has finally come, Fed is starting to embrace the cloud (slowly). Within the last week we've seen NIST push out a road map for Cloud Infrastructure & Computing, as well as an article highlighting tips for evaluating the cloud prior to any migration. This is an interesting change of thought, as it seems as they have ramped-up their efforts while realizing that migration into the cloud is inevitable. As we have seen on the commercial side of the world, moving to the cloud has some very real advantages in terms of employee productivity. Not to be overlooked though are the fears of what happens to your data when it's up there, especially given the well hyped Hollywood leaks. That being said industry has taken a focus on making sure the cloud is secure, some of which stems from additional regulations and compliance standards.
Change is scary, but change is also necessary. If you're already planning, or just beginning to think about moving into the cloud there are now some federally sanctioned pieces of information for you to digest. Additionally here are the 8 steps highlighted by GCN:
- Define and document
- Evaluate the cloud architecture
- Perform due diligence
- Negotiate contractual arrangements
- Define continuous monitoring
- Define measures to ensure privacy
- Ensure that the cloud solution provides necessary record-keeping functions
- Ensure compliance with FISMA standards
The Dude abides, even in the cloud(s)...