Cloud

Navigating Government’s Shifting Cloud Compliance Landscape

Agencies with the right industry partner won’t need to resort to work pauses or ghost IT projects.

Asim Iqbal is the CTO of Enquizit. A role fueled by his experience in security, storage, and resilience.

Peter Dunn is a seasoned technology and cybersecurity leader with over 25 years of experience driving digital transformation, AI integration and zero-trust initiatives across federal agencies and private enterprises. As the Chief Technology Officer, Federal at CDW•G, he spearheads innovation in cloud, cybersecurity and advanced analytics solutions, enabling organizations to achieve secure, compliant and scalable growth.

Tech companies such as Intel reshaped themselves around essentialist Greg McKeown’s argument that “if you do not prioritize your life, someone else will.”

With the Department of Government Efficiency focused increasingly on quantifiable savings, it stands to reason that agencies that have rationalized efficiency plans ready when DOGE shows up will be better positioned to set their own priorities. These plans further enable agencies to identify inefficiencies in a more holistic way.

CDW Government, with its expertise and proprietary tools such as the Strategic Application Modernization Assessment and SkyMap, can help agencies quantify savings for code and infrastructure optimization. We can also workshop and plan for human-centered design improvements (given government’s focus on citizen experience) and address security concerns about growing nation-state threats.

Cloud is the quickest path to more efficient, secure, citizen-centric agencies, and industry partners such as CDW Government are poised to support them in their journeys.

Click the banner below to dive into CDW's latest cloud research.

Agencies Face Many Cloud Procurement and Compliance Challenges

Some agencies continue to vacillate on their cloud use because they fail to acknowledge that it’s a consumption model, and they need a strategy that reflects this fact.

What’s more, the Trump administration has revoked many of the Biden administration’s executive orders related to cybersecurity compliance and is evolving the Department of Defense’s Cybersecurity Maturity Model Certification 2.0 and General Services Administration’s rebranded Federal Risk and Authorization Management Program 20x. Complying with one program doesn’t guarantee an agency is in compliance with the other.

To get even more granular: Not every cloud capability that Amazon Web Services, Google Cloud or Microsoft offers is on the FedRAMP approved list because the process takes 12 to 18 months.

Plus, the agencies responsible for setting cloud policies may change as government continues to be restructured.

DISCOVER: Agencies must reduce barriers to cloud innovation.

Industry Partners Can Help With Cloud Planning

Understandably, many agencies — such as the Air Force — have implemented a strategic pause on cloud procurements until leadership changes are finished. Others are running ghost IT projects to address their problems, rather than wait for new policies or procedures to be announced.

As these strategic pauses end, agencies will need to look toward industry partners who can assist with cloud consumption and compliance planning.

Agencies may resume procurement to find cloud costs have increased and skilled contractors supporting the cloud have become unavailable due to other commitments. CDW Government can help navigate these waters.

Ensuring an agency’s approach to compliance is multifaceted is important, and that requires adhering to new security directives while refining procurement strategies, investing in workforce development, and establishing methods for tracking cloud consumption and justifying spending.

UP NEXT: Inherited controls simplify cyber compliance.

This article is part of FedTech’s CapITal blog series.