Data Center 74 - Reliable Web Hosting

Private Clouds Leverage Colocation

The resistance of Federal agencies to accept the policy requirement for them to migrate sensitive data to a public cloud computing model due to security concerns comes of no surprise to Charlotte colocation providers.  For all of the benefits that cloud computing provides, the very real concern of the challenge to maintain secure data against cyberattacks in the public cloud continues to be its Achilles’ heel.  Many departments have found that cloud computing is beneficial, but it isn’t the cloud computing that the Office of Management and Budget (OMB) had intended.

Best Laid Plans

In late 2010 former White House Chief Information Officer Vivek Kundra was instrumental in developing the White House policy designed to leverage commercial cloud technologies and other cloud technologies known as “Cloud First.”  The plan also included consolidating many of the government data centers, with a goal to reduce the total number from over 2, 100 to 1,300.  Much of the focus was on the belief that the government agencies would be able to leverage public cloud services to reduce their dependence on data centers.  Kundra said that his office intended to develop a strategy that would accelerate the adoption of cloud computing by focusing on ways to ensure that data stored in the cloud would be safe and secure.  The policy held each agency responsible for identifying and three services that could be moved to the cloud; the first had to be migrated within a year with the other two to follow within 18 months.

Great Minds in Greener Pastures

In June of 2011 Kundra surprised some people when he announced that he would be resigning his post as CIO to accept a high ranking position at Harvard, to others it came as no surprise.  Commentator Dan Rowinski remarked in an article on the website Readwriteweb.com: “The best way to think of the federal government is that it is a large enterprise operation that is perpetually three to five years behind the times… the move by Kundra may be the signal of a trend.  Innovative technological minds do not want to work in federal (or state and local for that matter) government.”  Rowinski cemented his remark by noting that revered NASA CTO Chris Kemp resigned his post in early 2011 to become an entrepreneur in Silicon Valley.

Don’t Lead, Follow

Safeguarding sensitive data is at the center of the issue.  Government agencies are entrusted to protect classified data, and the feeling is that once they place that data in a public cloud provider’s system they become the most coveted target for all cyber-attacks.  Politico.com columnist Jennifer Martinez noted that “the Government Accountability Office said this spring that reports of security incidents from agencies rose 650 percent over the past five years — up from more than 5,500 reported incidents in 2006 to more than 41,700 incidents in 2010.”  Without security standards in place, much is at stake.  The article includes a remark from Cynthia Cassil; Director of Systems Integration for the U.S. State Department.  Cassil defended her agency’s lack of cloud involvement on the fact that her group is a security agency, and she prefers to let other agencies blaze the trail to the cloud so that she can acquire some insight into best practices.

One Size Does Not Fit All

An analogy that may lend relevance is comparing cloud computing to swimming pools where secure data is equal to children.  Private clouds, like private pools, are expensive to construct compared to their public counterparts.  End users of public clouds and public pools only pay to use the resources and are not burdened with construction or maintenance costs.  From a cost perspective, it is clear to see how beneficial the public model can be; however, private pools and private clouds allow their owners to determine who is granted access and can also implement their own security policies.  The focus in the private model is squarely on maintaining control of protection policies, not on a great reduction in cost.  Through the introduction of virtualization, cost reductions are very possible in a private cloud, yet their scalability will only extend to the limit of the collection of resources that make up the arrangement .

One glaring point is worth mentioning on the public side.  Public pools are visited by users from anywhere (including other countries) under the guidelines that they pay for the service, as is true with public clouds; however, most users of a public pool are local to a certain area.  In a public cloud scenario, data may be stored in multiple locations, including outside of the United States.  It is highly unlikely that federal agencies would be accepting of their data leaving the confines of the country; therefore, the concept that leveraging commercial cloud services is a good idea for all agencies seems a bit unreasonable.

Private Cloud and Public Cloud; the Hybrid Cloud

One of Martinez’s comment seems to envelop the thinking of most agencies in regards to risk: “defense agencies and others charged with protecting personally identifiable information and data critical to national security should adopt a hybrid model — one that includes use of the private cloud for sensitive data and the commercial cloud for more general information.”  This is likely where conflict will arise because private clouds operate under the watchful eye of the agencies themselves and occupy space in government data centers, which are the very target of government cutbacks.

The sentiment of using a hybrid model runs parallel to the feelings of CEOs in the private sector.  Organizations that have invested significant amounts of capital into building their IT infrastructure are unwilling to declare their investment “sunk costs” until they have recouped a respectable level of return on their investment.  In addition, many IT directors are hesitant to move their environment to the public cloud, as they are concerned that the risks of disruption of services may outweigh the cost benefits.  Once the security issues enter into the equation, the argument for cost savings becomes moot.

Agencies that believe that private clouds located in secure government data centers offer the best combination of cost savings and security echo the sentiments of private companies that leverage secure private data centers that provide colocation services.  Colocation based data centers offer reliable services with multiple layers of redundancy that guarantees nearly 100% uptime for network and power.

About DC74 Data Centers

DC74 operates four data centers in the eastern United States that offer a myriad of data centers services designed to assist companies to whom network uptime is critical, while safeguarding data in secure facilities.  DC74 has offices in three states and focuses on providing Baltimore, Washington DC, and Charlotte colocation services.