Cloud and Government: Have We Finally Made a Love Connection?

The government's relationship with cloud computing has been an evolving affair. Initially, there was skepticism that cloud solutions could not provide the needed security that on-premise systems had been providing. With checks and balances provided by FedRAMP, security concerns were slowly but surely overcome. With the move to more remote work and the demand for digital interaction with citizens, cloud has moved from a novel approach to a necessary part of the Federal IT infrastructure.

Cloud and Security

Initial concerns about the levels of security maintained by cloud providers have proven to be unfounded. Cloud systems are built with security as a top of mind concern by some of the brightest, most experienced cyber experts in the world. No matter how skilled Federal IT teams are, they just cannot build an on-premises system that meets the same rigors. In fact, today cloud security concerns lie with the users of cloud rather than the providers. Continue reading

Cloud Is No Longer the Exception, but the Rule

Remote work, necessitated by the pandemic, accelerated many agencies' move to cloud computing. With remote and dispersed teams here to stay, cloud is a critical, if not primary, infrastructure for a number of organizations. With this wide reliance on cloud, the Cybersecurity and Infrastructure Security Agency (CISA) has been releasing Trusted Internet Connections 3.0 Use Cases, which give federal agencies guidance on applying network and multi-boundary security for remote users.

Similarly, the Defense Information Systems Agency (DISA) recently combined its Cloud Computing Program Office (CCPO) with its services directorate and ecosystem. This move, creating the Hosting and Compute Center (HaCC), recognizes the long-term reality of cloud and the role it plays in delivering services and powering everyday work for the agency. The HaCC will be "responsible for providing the warfighter with critical hosting and compute functions using modern data center and cloud capabilities." This functionality supports a number of Defense Department initiatives including Joint All Domain Command and Control. Continue reading

Five Steps Toward Digital Transformation at the Department of Veterans Affairs

The Department of Veterans Affairs (VA) is keenly focused on improving the healthcare and general services that support our military veterans. Incumbent on these improvements is the integration of leading edge technologies that digitize and automate processes for efficiency along with important security enhancements.

 

 

ONE: Implementation of Electronic Health Records

The Department's efforts to modernize the way they store and access records for the nine million veterans they care for into a comprehensive electronic system has been well documented. These efforts involve upgrading all 1200+ VA facilities' existing systems to ensure better continuity of care, and are currently focused on moving EHR data to a cloud system that will be interoperable with the Military Health System. The ultimate goal is to ensure service members can seamlessly and digitally transition from DOD to VA health care, instead of needing to carry around stacks of paper forms as is current practice.

Continue reading

Coordination is Key to CDO Success

Chief Data Officers (CDOs) are one of the newer positions in government, but their role is quickly becoming one of the most critical. A CDO is charged with overseeing data-related functions, including data management, ensuring data quality, and creating data strategy. For government agencies, this requires close coordination with the Federal Data Strategy and the DoD Data Strategy.

Both of these documents define the specific roles and responsibilities of data officers and provide a framework for working with and securing data. Of course, each agency has unique requirements and missions, leaving the CDO to work out how to apply this guidance and standards to their organization.

Agencies are meeting these guidelines and integrating CDOs in different ways. The Department of Homeland Security (DHS) recently announced a department-level CDO office to better integrate data into its operations and those of other agencies. The need for this level of coordination was underscored as DHS launched a department-wide COVID-19 vaccination campaign in partnership with the Department of Veterans Affairs health centers. DHS needed to identify, contact and manage responses from workers, which meant collecting and reconciling many different datasets from across the department.

Continue reading

Putting a Value on Trust — Introducing Zero Trust Security Approaches

With so many high-profile hacks this year, it's easy to want to throw up your hands and say, "Is there nothing that can be trusted?!" Interestingly, that lament is what is driving the latest approach to cybersecurity -- zero trust. Zero trust is what it sounds like, a security approach centered on the belief that organizations should not automatically trust anything accessing their systems either inside or outside their perimeters. Instead, all people and devices must be verified before access is granted. To the untrained eye, this seems untenable. How, in this day and age, when we depend on digital information and connection to do most anything, can we use a process where we have to constantly verify identity and access permissions? Luckily, the practice of zero trust is more sophisticated than its premise.

Continue reading