2014 saw federal progress toward cloud integration, data center consolidation
As 2014 winds down, countless organizations are assessing their progress over the past year. In particular, many firms are focusing on their IT and whether their performance in this area met expectations or came up short.
Naturally, agency leaders throughout the federal government will conduct such investigations themselves. And as this year's selection of reports from the Government Accountability Office has made clear, these leaders are likely to feel fairly satisfied with their IT development. As InformationWeek noted, the government made significant progress in the realms of cloud integration and data center consolidation. However, the GAO's reports also demonstrated that there is a great deal of room for improvement in both these areas and in terms of cybersecurity.
Cloud and data center progress
The news source noted that earlier GAO reports revealed much more cloud use among federal agencies in 2014 than in previous years. Notably, in September GAO auditors determined that among a select group of agencies – including the Department of Homeland Security, Health and Human Services and Treasury Department – had implemented 101 total cloud services. In 2012, this figure stood at only 21 cloud services.
However, InformationWeek also highlighted several shortcomings in federal cloud integration efforts in 2014. Most notably, the GAO determined that many federal agencies are not fully complying with the Office of Management and Budget's cloud-first guidance. While most agencies are looking at cloud options when adding new IT services, as they are supposed to do, they are not attempting to replace existing on-premise IT systems with cloud options. As the GAO noted, agencies are directed to consider cloud options regardless of an IT service's lifecycle. Consequently, many departments have not yet embraced cloud integration to the level they should have.
Federal data center consolidation in 2014 was also largely successful, albeit with certain missteps. The GAO found that among 24 federal agencies participating in a large-scale consolidation project, 19 indicated they saved more than $1 billion between 2011 and 2013 – $300 million more than the OMB originally predicted.
The news source also noted, though, that many federal agencies have struggled to determine precisely how much money they have saved via data center consolidation, due to a lack of accurate metrics. Without this insight, agencies may struggle to make the best, most efficient decisions as they pursue further data center consolidation efforts.
While the federal government made admirable progress in the areas of cloud integration and data center consolidation in 2014, its cybersecurity record was far less stellar. Notably, the news source reported that the GAO delivered a number of reports throughout the year highlighting cybersecurity flaws on the Healthcare.Gov website. These vulnerabilities remained a concern throughout 2014, even as the Centers for Medicare and Medicaid Services executed several corrective measures.
This is hardly the only example of the federal government's cybersecurity shortcomings throughout the past year. Recent months have seen numerous successful cyberattacks against federal agencies, including the State Department and White House. While these two incidents are widely believed to be the work of state-sponsored hackers, other incidents have been attributed to less advanced cybercriminals and, frequently, insider behavior.
This latter issue is particularly problematic. In many cases, federal employees have engaged in risky behavior, which has created cybersecurity vulnerabilities that cybercriminals can then take advantage of.
As 2015 approaches, federal agencies would be well-served by focusing their cybersecurity efforts on employee training and education, among other things. Only by shoring up federal defenses in these areas can departments hope to better protect themselves and their assets in the coming year.