While the IC’s research organization looks into adding security to cloud environments, in the here and now, intelligence agencies are sharing more data.
Few people understand cloud computing better than Maria Roat, the Transportation Department’s chief technology officer and the former director of FedRAMP.
As she leads the build on a new data visualization system, Roat has identified a hybrid cloud solution combining in-house databases with cloud services as the tactic DOT will take to speed the conversion of mass amounts of data into charts and graphs that can aid government decision-makers and the public.
“The source data is in our data centers, and then you have two other public cloud solutions that are working together,” Roat says. “The end user is using one solution, the visualization tool. They wouldn’t need to know what’s on the back end of it.”
Roat is not alone in thinking that hybrid clouds offer the government the ideal tech approach going forward.
At the Environmental Protection Agency, CIO Ann Dunkin says she, too, looks forward to when her agency’s researchers can quickly make use of the data generated in the EPA’s high-
performance computing center.
“We put a lot of effort into scheduling, and we do not meet current demand,” Dunkin says. “People have to wait quite a while.”
It currently takes days — sometimes weeks — for EPA teams to gain processing time. Can a hybrid approach speed the turn on data? Dunkin thinks so.
By integrating existing on-premises computers with pay-per-use cloud computing resources in a seamless user experience, the agency could shave those wait times down to half an hour, she estimates.
“You might spin up 500 extra processors for an hour and then be done,” Dunkin says. “For our researchers, that’s huge.”
Security concerns have kept some agencies from adopting cloud solutions as quickly as industry. A number have begun to implement, or at least consider, hybrid cloud models.
The approach is sometimes used to keep data on local servers (to alleviate security concerns) while helping agencies build out infrastructure quickly, prepare for disaster recovery and, in cases like Dunkin’s imagined hybrid high-performance computing center, accommodate periods of peak demand.
Although the EPA has deployed some cloud solutions, such as Microsoft Office 365, it hasn’t adopted a hybrid cloud model — yet.
“We have plans for hybrid cloud,” Dunkin says. “We’re using probably more than half a dozen cloud providers. When you start looking at those environments, we’re going to be in a hybrid environment at some point.”
Although many companies use cloud resources to store data offsite, that’s not always a desire for federal agencies, says Melanie Posey, research vice president for hosting and managed network services at IDC. With a hybrid architecture, agencies can keep sensitive data in their data centers, she says.
“Instead of taking the data to the cloud, what you end up doing is taking the cloud to the data,” Posey says. “You have the processing front end on the public cloud in some cases, and then you have the data sitting wherever it is. An agency would have a private connection from the network to the cloud provider, rather than over the public Internet.”
The data is secure because it’s in an isolated location. Encryption provides another layer of protection.
Beyond security, some agencies look to hybrid models for cost considerations or simply because a mix of cloud providers and onsite resources offers the best solution.
At Transportation, tech managers must continuously monitor cloud solutions, not only for security reasons but also for performance and utilization, Roat says. For example, an agency may be underutilizing cloud resources and paying for more than it needs.
“Agencies need to pay attention to continuous monitoring and incident response,” she says. “They can’t just put things in the cloud and then assume things are going to continue to work without any issues.”
The Securities and Exchange Commission has two hybrid solutions that flip the usual narrative. The agency hosts a lot of data in the cloud and then processes it using local resources. Two examples are its Market Information Data Analytics System and the Electronic Data Gathering, Analysis and Retrieval system. With both systems, the data is all publicly available and not sensitive.
Cloud’s appeal can’t be denied, says the SEC’s CIO Pamela Dyson. A cloud provider “can pretty much turn on a switch, where that would be a six- to 12-month engagement for us to build those platforms internally,” she says.
Is a hybrid cloud just a stepping stone to an eventual all-in cloud approach?
Dyson doesn’t think so. “We may have some systems that will never be hosted in a public cloud,” she says. “I think we will have a number of these hybrid solutions, where we own and host our own data, and we use the cloud only for the compute capability.”
Such decisions will be made on a case-by-case basis, Posey says. An organization might decide to permanently support steady-state demand for a service with in-house computing but turn to the cloud during peak demand times. Or, an agency might decide to move all nonsensitive data to the cloud for users outside the enterprise.
Roat predicts that tech managers will increasingly turn to the cloud as they become more comfortable with its capabilities.
And a chief driver, she thinks, will be that cloud services let federal IT teams shift their focus away from patching servers and toward developing and improving business applications for their agencies.
“There are always going to be onsite requirements, but I think that footprint is really going to shrink.”