Federal IT leaders are moving ahead with cloud computing projects, but it appears that many of them aren't moving as quickly as mandated by the "cloud first" policy, which requires CIOs to move one service to the cloud by the end of this year and two more by mid-2012. The "Federal Cloud Weather Report" published in April by MeriTalk found the following:
-- 52% will move the first service to cloud computing in the next 12 months.
-- 48% will move the next two services to the cloud within the 18-month time frame.
Sidebar: Faulty road map?
The General Services Administration launched the Federal Risk and Authorization Management Program (FedRAMP) last November to "provide a standard approach to assessing and authorizing cloud computing services and products" and to establish security standards for federal cloud computing. But MeriTalk's "Federal Cloud Weather Report" cites the following challenges: 64% of 167 federal government IT leaders surveyed said they understand FedRAMP but aren't optimistic that it will help. 56% said it will neither aid nor speed federal cloud adoption. 67% said it won't make federal cloud computing more secure.
Sidebar: Classified data? Not in the cloud
IT leaders are constantly weighing cloud computing's benefits against its security risks.
In its spring survey of 375 federal, state and local government IT decision-makers and influencers, CompTIA found that 44% of cloud implementers rated network security as a top challenge. Thirty-six percent listed compliance with security mandates as a top challenge, while 35% cited data loss prevention and 35% pointed to hardware security.
Tim Herbert, vice president of research at CompTIA, says CIOs are concerned about keeping data and systems safe from malicious attacks and establishing data governance procedures in an environment that encourages collaboration and sharing.
"It comes up a lot -- security and policies. And it comes up in the private sector, too," he says. "Some of that concern is reality, and some of it is perception."
At the very least, analysts say, those security concerns will keep classified data out of the cloud for the time being even as the General Services Administration and other agencies establish security standards. And it will likely limit to some degree the amount of less-sensitive data that migrates to the cloud as well.
Pratt is a Computerworld contributing writer in Waltham, Mass. Contact her at firstname.lastname@example.org.
Related story: Why Missile Defense Agency's CIO is sold on the cloud
This story, "Feds race to the cloud" was originally published by Computerworld.