Could Industry Follow DoD Cloud Security Lead?

Reading time: 3 min
Share this Share on email Share on twitter Share on linkedin Share on facebook

Even the U.S. Department of Defense admits that cloud security worries shouldn't come in the way of cloud business benefits. In a talk given to industry cloud players last week, DoD CIO Terry Halverson detailed some of the agency's cloud initiatives and explained how the agency is trying to drive more data to the cloud under the simple philosophy that different data carries different levels of risk.


“If we have public-facing data, why wouldn’t we put it in a public cloud?” he told the crowd, according to reports by and Federal News Radio. "This ought to be a no-brainer."


Last month the DoD made a move to cut the red tape on cloud deployments by streamlining its cloud security requirements for purchasing commercial cloud services and by putting the power in the hands of individual military services and agency CIOs to make risk-based decisions about what data and systems hit commercial cloud infrastructure. As Jared Sebu of Federal News Radio relates, cloud providers who have already met FedRAMP standards are eligible to handle the DoD's less sensitive classes of data and could even host this less sensitive class overseas.


For example Halvorsen says the DoD is likely to outsource all of its unclassified email to commercial cloud providers in the future.