Best Practices

Properly planned and well-executed, cloud migration can result in significant savings, increased efficiency and performance, and even enhanced privacy and security. This section of the SafeGov.org site includes case studies of cloud deployments with the goal of articulating best practices and potential pitfalls by focusing on the risk management, strategic planning, and resource management issues that define a successful cloud transition.

How companies secure their cloud data

Help Net Security,  Friday, March 27, 2015

As companies accelerate their adoption of the cloud, the cloud data footprint is expected to grow to 6.5 zettabytes by 2018. This rapid migration of data into the cloud creates the need for insight into both cloud adoption trends and cloud data security issues.

FISMA report highlights federal cloud security deficiencies

Rob Wright, TechTarget,  Friday, March 27, 2015

A newly released government report shows a lack of basic security controls in many departments and agencies, highlighting the precarious state of federal cloud security.

How they did it: Cloud success stories

Rutrell Yasin, Federal Times,  Monday, March 23, 2015

The year 2013 was a busy one for the Bureau of Alcohol, Tobacco, Firearms and Explosives, which moved its website and email to various cloud infrastructures to achieve greater operational efficiency and costs savings. A law enforcement agency within the Department of Justice, ATF moved atf.gov to a Drupal platform operated by Acquia and hosted on the Amazon Web Services cloud infrastructure. In the same year, the bureau also moved 7,500 email users to the Microsoft Office 365 cloud-based messaging and collaboration platform, said Rick Holgate, ATF's assistant director for science and technology and CIO.

States Up Their Data Center Game

Nicole Blake Johnson, StateTech,  Tuesday, March 10, 2015

A number of state and local governments are downsizing IT staff through attrition, collapsing data centers and rationalizing applications. They’re gradually backing out of the data-center business and tapping commercial vendors to host government applications in the cloud. In some cases, they’re co-locating with other governments.

Better Budgets Spark Growing Tech Activity

Steve Towns, Government Technology,  Tuesday, March 10, 2015

With tax revenue bouncing back, states and localities are poised to spend billions of dollars on technology this year. E.Republic’s annual Beyond the Beltway Conference held this week just outside Washington, D.C., offered insight into how state and local CIOs intend to use those funds. The big winners will be system modernization, cybersecurity and open data, according to more than a dozen city, county and state CIOs who talked about their priorities at the day-long conference on Monday. They also pointed to issues around privacy and storage created by emerging trends like police video.

Global privacy standards mean nothing until governments step up

J. Peter Bruzzese, InfoWorld,  Wednesday, February 18, 2015

Microsoft recently announced it's the first major cloud provider to adopt the global cloud privacy standard developed by the International Organization for Standardization (ISO). Auditors verified that Microsoft Azure, Office 365, Dynamics CRM Online, and Intune conform to the standard (ISO 27018) designed to protect personally identifiable information (PII) in the cloud, addressing a fear that users and businesses share in many countries -- especially users, businesses, and governments in Europe. But what does that compliance really get you? ISO 27018 is a good starting point to protect personal data, as Microsoft has outlined. But Microsoft has to do whatever legal authorities tell it, so its protections are subject to governments' often secret and inconsistent interpretations of their authority.

Intelligence In The Cloud: Lockheed Martin And Esri Cloud Deployment Enables Geospatial Information Sharing Across Intel Community

CNN Money / PR Newswire,  Tuesday, February 17, 2015

The deployment of the portal for Esri's ArcGIS geographic information system (GIS) provides a single environment for analysts to securely organize and share data throughout the intelligence community and Department of Defense. It's also the foundational step in consolidating multiple geospatial intelligence portals into the single NGA-provided portal, resulting in technology and license cost savings. This is NGA's second pioneering step in the cloud, after the agency moved their Map of the World application to the C2S environment late last year.

Why Hybrid Cloud Continues to Grow: A Look at Real Use-Cases

Bill Kleyman, Data Center Knowledge,  Monday, February 16, 2015

Moving forward, the hybrid cloud model will give end-users even more services and benefits. A recent Gartner report found that the use of cloud computing is growing, and by 2016 this growth will increase to become the bulk of new IT spend. 2016 will be a defining year for cloud as private cloud begins to give way to hybrid cloud. By the end of 2017, nearly half of large enterprises will have hybrid cloud deployments.

Microsoft beats rivals to certify under new public cloud security standard

Business Cloud News,  Monday, February 16, 2015

Microsoft has adopted a relatively new ISO standard that specifies measures to protect Personally Identifiable Information (PII) in public cloud environments. The company claims it is the first public cloud provider to do so. Microsoft, a huge advocate of regulatory reform around data privacy rights in the US, is currently embroiled in a court case that has seen the IT giant repeatedly challenge US District Court rulings compelling it to hand over email and contact information stored in its cloud platform in Ireland as part of a drug-trafficking trial. The company is currently supporting a number of recently introduced laws that seek to limit the reach of US courts over data stored in cloud services located outside the US.

Microsoft Azure: The first cloud computing platform to conform to ISO/IEC 27018, the only international set of privacy controls in the cloud

Lori Woehler, Microsoft Azure Blog,  Monday, February 16, 2015

Earlier this month, we highlighted a number of new compliance milestones for Microsoft Azure. Among these developments was that the British Standards Institution (BSI) validated that Azure incorporates controls that are aligned to the ISO/IEC 27018 code of practice for the protection of Personally Identifiable Information (PII) in public clouds acting as PII processors. ISO 27018 is the first international set of privacy controls in the cloud, and Azure is the first cloud computing platform to adopt ISO 27018.