Cloud Consistency: The U.S. Government Cloud Computing Technology Roadmap
The National Institute of Standards and Technology (NIST) released its final version of the US Government Cloud Computing Technology Roadmap, Volumes I and II recently. The roadmap provides international guidelines, objectives and “Priority Action Plans” for cloud-based file sharing, with the hope of improving cybersecurity for the United States' critical infrastructure and individual organizations.
Taking into consideration over 200 comments from other nations worldwide, this document covers a wide range of relevant ideas, challenges and recommendations related to cloud management and deployment. But is there really a point in trying to impose standards and define a technology that is still at the very beginning stages of its evolution? Some argue no – a shifting market of which vendors have invested more than $15 billion in will define what cloud computing is to become more so than a roadmap. But nevertheless, the issues raised in it are worth discussing and in the meantime, MSPs can help mitigate some cloud concerns.
Here’s a look at 3 key issues that were raised, followed by what MSPs can do to address them.
1. Security. Security was the underlying issue that pervaded almost all sections of the roadmap. It’s NIST’s hope to reduce uncertainty about the cloud through education and further developing the Cloud computing model through consensus-based standards of interoperability, performance, and portability.
With access to cloud-based security solutions, MSPs are already in a much better position to close security gaps than an internal IT department, using one central web portal that can remotely monitor and be a second set of eyes for suspicious activity.
Juggling interoperability, or the ability for systems to talk to each other efficiently, and security is often a tough balance for IT departments to strike, as personal using personal devices for business has been an ongoing security concern that many don’t know how to mitigate. MSPs, however, can ensure those endpoint and personal devices are secure and comply with company requirements.
Through discovery, modernizing and defining data, MSPs can help enterprises migrate original applications in the Cloud. MSPs have tools to classify applications, modernize middleware, and prepare data for migrations.
2. Research. NIST outlined ideas for how the government and enterprises might define research methods for measurement and monitoring. The report highlights Big Data and risk analysis as the two main reasons for this, so that there is a consensus process to measure and report industry-wide Cloud data and predict failures and vulnerabilities in Cloud systems. MSPs can help enforce a consistent set of security processes and encourage test tool development to support cloud standards. Big Data is thought to be just as transformative as the cloud computing model, so having standards of conformance and performance testing, test result validation and tester accreditation will be important for MSPs to help enterprises comply with.
3. Deployment. NIST highlights the need for technical staff and Cloud users to be continuously educated on the evolving technology, especially when there are legal changes to make cloud adoption more or less difficult. The document calls on business and technical stakeholder to work together in this regard, and MSPs are the perfect middleman for this job.
The roadmap also brings up how there is a lack of common understanding of the benefits that cloud computing offers from a business and technical standpoint. NIST then identifies the 3 categories of Cloud service models – Software as a Service, Platform as a Service and Infrastructure as a Service – and calls on providers to adopt categories and stick with a defined “single neutral reference architecture” so that enterprises and government have a clear cut view of what each model entails.
Consistency in standards of security, research, and deployment will result in better business outcome. It’s a way to ensure that Cloud computing is contained and sustainable enough for innovation, and MSPs can act as the middleman across a range of cloud adopters to ensure this happens.
Do you feel adopting standards will enhance or halt innovation in the Cloud? What can MSPs do to ensure this doesn’t happen? Leave a comment in the section below.