Government Technology

    Digital Communities
    Industry Members

  • Click sponsor logos for whitepapers, case studies, and best practices.
  • McAfee

Cloud Computing Gains Momentum but Security and Privacy Issues Persist

September 25, 2009 By

It's official: Cloud computing has arrived -- and it appears to be the hit of the party. The Pew Internet & American Life Project released survey results in September 2008 reporting that 69 percent of Americans who are online use Web-based e-mail, store data or use software applications over the Internet. In October 2008, the market research firm IDC forecast that spending on IT cloud services would reach $42 billion by 2012.

Government agencies are starting to use cloud computing for storage, applications or development; these services are hosted on a remote server in order to save money on implementation and management. Cloud services are increasingly pervasive and may forever transform how government employees access and manage digital information.

Cloudiness Ahead

But with so many clouds on the horizon for IT, some people worry about potential storms ahead.

"What tends to worry people [about cloud computing] are issues like security and privacy of data -- that's definitely what we often hear from our customers," said Chris Willey, interim chief technology officer of Washington, D.C.

Willey's office provides an internal, government-held, private cloud service to other city agencies, which allows them to rent processing, storage and other computing resources. The city government also uses applications hosted by Google in an external, public cloud model for e-mail and document creation capabilities.

Cloud computing is delivered to users via three main delivery models: software as a service, platform as a service and infrastructure as a service (known as SaaS, PaaS and IaaS, respectively). With SaaS, customers use applications stored on a provider's server. In a PaaS environment, the provider gives customers tools to create their own applications that are stored on the provider's server. IaaS allows customers to rent networking, storage or other IT resources from providers to support in-house infrastructure.

In all arrangements, the clients' data wind up in someone else's hands somewhere along the way. For government, citizens' data is sacred, as is data involving internal business processes. Even when a third-party provider is reputable, it's understandable to experience a tinge of anxiety. You can't control another company's activities the way you can your own.

"For the last 15 years, people have been used to the client-server model," said Kevin Paschuck, vice president of public sector for RightNow Technologies, a company that delivers SaaS. "They've been used to hugging their servers. They walk out the door, and they can see their data and their hardware. They control their own destiny."

But remote hosting can inhibit that feeling of control.

"I don't know exactly where my data is,'" said Tim Grance, a computer scientist in the Computer Security Division of the National Institute of Standards and Technology. "It could be cut into tiny little pieces and dispersed across a large geographical area, and that inherently makes people nervous."

These qualms, however, don't just come from apprehension about the activities of third-party partners. They may stem from external threats too. If an agency's server is hacked, the agency's employees know how they'll handle it, but they don't know how someone else might. It's a given that, and other big companies aren't slouches in the security department, but their size makes them attractive targets for cyber-attacks.

"Google has had to spend more money and time on security than D.C. government will ever be able to do," Willey said. "They have such a robust infrastructure, and they're one of the biggest targets on the Internet in terms of hacks and denial-of-service attacks."

| More


Anonymous    |    Commented September 29, 2009

Those who think fears about data security are unfounded or overstated should read

Anonymous    |    Commented September 29, 2009

Those who think fears about data security are unfounded or overstated should read

Anonymous    |    Commented September 29, 2009

Those who think fears about data security are unfounded or overstated should read

Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
Digital Cities & Counties Survey: Best Practices Quick Reference Guide
This Best Practices Quick Reference Guide is a compilation of examples from the 2013 Digital Cities and Counties Surveys showcasing the innovative ways local governments are using technological tools to respond to the needs of their communities. It is our hope that by calling attention to just a few examples from cities and counties of all sizes, we will encourage further collaboration and spark additional creativity in local government service delivery.
Wireless Reporting Takes Pain (& Wait) out of Voting
In Michigan and Minnesota counties, wireless voting via the AT&T network has brought speed, efficiency and accuracy to elections - another illustration of how mobility and machine-to-machine (M2M) technology help governments to bring superior services and communication to constituents.
Why Would a City Proclaim Their Data “Open by Default?”
The City of Palo Alto, California, a 2013 Center for Digital Government Digital City Survey winner, has officially proclaimed “open” to be the default setting for all city data. Are they courageous or crazy?
View All