…Or at least that’s what we should do if cloud computing is to gain broad adoption, according to experts who spoke at the Strategies and Technologies for Cloud Computing Interoperability meeting this week (Washington Technology report).
My observations of this discussion show that the biggest obstacles to the adoption of cloud computing in the Federal government are concerns over security and compliance to FISMA. FISMA regulations were written before cloud computing was a twinkle in Jeff Bezos’s eye, but now that he and legions of others are on the cloud computing bandwagon, these concerns prevent agencies from jumping in with both feet. FISMA assumes, for example, that agencies know where their data and systems are physically located, and that they can be physically audited. This runs completely contrary to the whole point of cloud computing (also known as utility computing), where you “switch on” and “switch off” computing capacity as you need it. You don’t care where it’s located, and nor should you; you merely have confidence that, when you need it, computing capability will be available — just like the electricity supply.
Several agencies are piloting cloud computing technologies now. Getting these initiatives into production, however, will require a change in the FISMA regulations — changes which, I understand, are currently being contemplated.