Federal agencies face many challenges when modernizing their technology infrastructure, particularly when transitioning to the cloud. But those challenges are hardly insurmountable, and the fear surrounding cloud is largely unwarranted.

Whether it’s security, compliance or overall strategy, the first step to overcoming cloud risks and challenges is understanding them. Here are some of the most difficult obstacles that agencies should understand and address to limit risk during a cloud transition.

Security

Security is the most significant barrier standing between federal agencies and cloud. The idea of allowing data to leave the confines of their own four walls makes many federal IT pros shudder. But it shouldn’t.

Although the underlying delivery platform for cloud is often significantly different than an on-premises solution, the security concepts are largely the same. Agencies should ensure that they account for these differences when developing the security program to include a public delivered cloud platform. They should evaluate cloud-appropriate security technologies and consider cloud access security brokers or identity and access management solutions that can help secure an off-premise, public or hybrid cloud solution.

FedRAMP

Currently, there are fewer than 100 approved options in the FedRAMP Marketplace. Less than 10 meet high-impact Federal Information Security Management Act baselines. To broaden their options (and the FedRAMP market as a whole), agencies planning a cloud transition need to help guide would-be CSPs through the FedRAMP approval process.

For cloud service providers, the current approval process is both expensive and time-consuming. This limits the opportunity for smaller or newer companies to bring innovative, new solutions to the federal market. After all, gaining FedRAMP approval offers only the opportunity to enter the marketplace, with no guaranteed return on investment. The consequence? A less competitive, narrower spectrum of CSPs and limited access to innovative, cost-effective options.

Fortunately, the FedRAMP approval process is evolving. With faster approval times, more providers will join the marketplace to offer new choices.

As more vendors are brought on board, the increased competition will bring better value and higher quality solutions, giving agencies greater access to technologies that offer mission-critical capabilities, thus reducing risk and better supporting cloud transitions.

Strategy (or Lack Thereof)

If modernization is the goal, cloud adoption is simply one step toward it.

One of the most desired outcomes of modernization is the ability to move away from legacy IT structures that are difficult to scale to meet changing demands. The problem? Many mission-critical legacy applications aren’t easily transferred to cloud environments without a significant investment of time and resources. But with the ever-growing number of applications designed to perform many of the same tasks and workloads as their legacy counterparts, this challenge can be overcome.

Some legacy applications will remain indispensable. But there are many that could be traded for newer, more innovative applications that fulfill the same needs in an easier, cost-effective manner. The mere existence of these applications enables organizations to quit the business of application development and maintenance in favor of bigger-picture, strategy-oriented endeavors—including continued modernization efforts.

Sustainable Strategy, Successful Transition

No matter how thoroughly you address the risks and obstacles of a cloud transition, your approach must be practical and achievable to ensure long-term success.

Organizations must consider their existing resources to set reasonable expectations in terms of how quickly and completely they can make the cloud transition. For instance, those who can’t commit to a full public cloud transition might instead consider a hybrid cloud model that supports both a seamless public cloud integration and a private, on-premises data center.

With this approach, agencies need to explore solutions that enable security policy to easily extend from the private data center into the public cloud. Automation and simplified management become key when exploring these types of technologies.

Amid all the talk of risks and obstacles, what too easily gets lost is this: Cloud exists to make things easier, less expensive and more efficient. While the transition may require reframing how we think about IT solutions overall, the point is to make things less complicated, not more so.


This article Was originally featured on Nextgov 

Related Blog Posts

See All Blogs

Keeping Your Agency Secure in the Cloud

Like it or not, no government is permanently safe from cyberthreats. The agencies that protect their citizen data the longest are the ones that best assess the risks facing them daily. It’s a situation that doesn’t change after organizations adopt…

A Bridge to the Cloud

For federal agencies, the move to the cloud can be a daunting task. CIOs face an array of challenges in making the transition — from worries about data security, to concerns for budget and resources, the task requires a concerted…

GCN: Securing Data in the Cloud Requires Planning, Constant Vigilance

Government agencies know -- and have largely accepted the fact -- that moving to the cloud is inevitable. Where many start struggling is with the “how.”  How do they move legacy systems to the cloud? How do they choose the…

TechTarget: IBM Business Partners Mull Benefits, Risks of Red Hat Acquisition

IBM business partners have begun recalibrating strategies in the wake of the vendor's announcement that it would acquire open source software vendor Red Hat. IBM, which plans to purchase Red Hat for $34 billion, sparked a wildfire of questions this…

NextGov: It’s Time to Tackle the Problem of Unapproved Cloud Apps to Keep your Agency Secure

It’s a problem seen across all federal agencies: Employees are using cloud-based applications that aren’t approved or protected by IT teams. These apps range from sharing tools, such as cloud storage platforms, to social media sites or personal email accounts…

GCN: 3 Considerations Before Moving to the Cloud

Despite the urgency of IT modernization and the federal government's cloud-first mandate, many agencies unfortunately still find themselves lagging when it comes to cloud adoption. While cloud migration is a massive endeavor, it doesn’t have to be unmanageable, let alone…

NextGov: How to Integrate TIC Security with the Federal Cloud-First Mandate

When the Trusted Internet Connections (TIC) initiative was first introduced more than a decade ago, the goal was to improve security in government IT systems by limiting the number of individual external network connections to the internet. Before implementing TIC security…

4 Cloud Collaboration Investments You Should be Making

Cloud migration is a top priority for federal agencies, making for a rising demand for As-a-Service offerings. Meanwhile, agencies are still trying to plan and budget for cloud strategies, often from scratch. This creates a unique challenge for federal IT teams:…

TechTarget: JEDI cloud contract looms large for customers, providers

Public sector IT and private sector IT can be very different animals, but a looming decision by the Department of Defense has the potential to send shock waves through both sides of the IT world. In this article from TechTarget,…

GCN: Building a Better Agency Through Software Orchestration

In federal IT, there is sometimes fear that software orchestration will render the technology professional’s role obsolete. This mindset, however, is misguided. In reality, the exact opposite is true: Orchestration has the potential to not only make federal IT workers’…

GCN: How to Leverage Containers for Cloud Migration

With the passage of the Modernizing Government Technology Act in December, federal agencies find themselves with a unique opportunity to innovate and update their legacy IT infrastructure. A top priority in their modernization endeavors? Transitioning legacy applications to the cloud.…

Platform-as-a-Service and Application Development Key to IBM Transformation

With IT customers increasingly turning to Platform-as-a-Service offerings, major technology manufacturers are following suit — including IBM. In this article for TechTarget's SearchITChannel, Force 3's senior director of software sales engineering Charles Fullwood discusses IBM's evolution to include as-a-service platforms…

GCN: The Hidden Challenges of Federal IT Modernization

In the next three years, an estimated $3 billion worth of federal IT equipment will reach end-of-life status, according to former U.S. Federal CIO Tony Scott. It’s an intimidating number, and one that indicates just how far-reaching the need is…

Cisco & Google Partnering on Hybrid Cloud

Cisco and Google Cloud executives took the stage at the 2017 Cisco Partner Summit to talk about the companies' collaboration on hybrid clouds, containers and Kubernetes. In this article for TechTarget's SearchITChannel, Force 3 Senior Vice President of Client Solutions…

GCN: What Federal Agencies Need to Know About Cloud Utility Models

When it comes to cloud adoption, federal agencies continue to lag behind the corporate world, where cloud computing passed the point of ubiquity some time back. It’s no wonder, as federal IT teams face constant challenges -- excessive workloads, staff…

InformationWeek: Containerization Gains Traction & We’re Better for it

Cloud-based application development has taken big strides, and it's delivering benefits for enterprises such as federal agencies. Application development has forever been a thorn in the side of federal agencies. It’s tough, after all, to innovate when hampered by the…

How can we help your agency achieve its mission?

Maximize your IT investments. Learn more about solutions and services from Force 3.