Posted by: Dave Raffo
Last week’s Congressional hearing on cloud computing served as a condensed version of the cloud debate that has been ongoing for about two years now. Congress heard definitions of different types of clouds, government representatives voiced concerns over security and other issues associated with cloud computing, and vendors extolled the cloud’s virtues while promising their technology can overcome all of its hurdles.
But the hearing made it clear that the federal government — which is forecasted to spend about $76 billion on IT this year – is serious about the cloud. Government agencies see the cloud as a method of data center consolidation. According to s federal CIO Vivek Kundra, the U.S. government has nearly tripled the number of data centers from 432 to 1,100 over the past decade while many corporations have reduced their data centers.
There wasn’t a lot of specific talk about storage during the hearing, although Nick Combs, CTO of EMC’s Federal division, was part of the vendor panel.
“There’s a whole lot of concern about the number of data centers out there in the federal government today, and what’s the right number,” Combs said in an interview after the hearing.
Much of Combs’ testimony focused on security, which EMC delivers through its RSA division. The security talk is also where the various types of clouds came in.
“There were lots of questions around security in the cloud and where clouds wouldn’t be appropriate for government information,” Combs said. “We talked about the multitenant cloud – are there sufficient protections to put information in the cloud and what level of risk are we talking? How do we provide compliance and meet government regulations? Only public-facing information should be placed on public clouds. Information that is sensitive in nature needs to be protected in more private-type clouds. That seemed to resonate pretty well.”
As part of his prepared remarks, Combs offered the NIST definitions of four types of clouds:
- Private Cloud is infrastructure deployed and operated exclusively for an organization or enterprise. It may be managed by the organization or by a third party, either on or off premise.
- Community Cloud is infrastructure shared by multiple organizations with similar missions, requirements, security concerns, etc. It also may be managed by the organizations or by a third party on or off premise.
- Public cloud is infrastructure made available to the general public. It is owned and operated by an organization selling cloud services.
- Hybrid cloud is infrastructure consisting of two or more clouds (private, community, or public) that remain unique entities but that are tied together by standardized or proprietary technology that enables data and application portability.