How government can securely leverage cloud environments

[InfoSec News <alerts () infosecnews org>]

http://gcn.com/Articles/2014/05/09/Insight-Hybrid-Cloud-Security.aspx

By Dan Chenok
GCN.com
May 09, 2014

In recent years, federal agencies have made significant strides 
incorporating cloud computing into their IT portfolios.  From the OMB 
“Cloud First” strategy, to GSA’s Federal Risk and Authorization Management 
Program (FedRAMP), the government is following commercial best practices 
to leverage the cloud.

Cloud capabilities can be provided over the public Internet or through 
connections over private networks -- and government does both. Some 
agencies establish private clouds due to perceived risks of making data 
available over public channels. At the same time, they are moving toward 
greater use of the open Internet, including public clouds.

In many cases, the choice for agencies is not public or private clouds, 
but rather a blend of the two approaches – often referred to as a hybrid 
cloud – where Internet-based applications provide information into a 
system that sits inside agency firewalls.

Since hybrid clouds span both the public cloud as well as the user’s 
private environment, and integrate with systems in each, consideration 
must be given to IT governance across the whole enterprise. Hybrid clouds 
blend public and private development, oversight and integration with other 
processes.

[...]

--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/