Network World - As the General Services Administration (GSA) migrates to a work-anywhere, work-anytime strategy, the real estate arm of the U.S. federal government is discovering that having an iron-clad security strategy is critical to its adoption of cloud-based applications.
GSA says the combination of a unified directory service, single sign-on software that covers both cloud- and premises-based applications, and two-factor authentication is allowing the agency to meet regulatory mandates for information security. GSA uses passwords and smart cards for authentication.
"Identity management is really a critical piece of this," said GSA CIO Casey Coleman. "We have a two-factor authentication solution. You can use that two-factor authentication solution as the main criteria for provisioning and de-provisioning. When an employee comes on board, nothing happens until you issue a credential or token, and when they leave that's the first thing that's reclaimed. By doing that, you don't have to turn off accounts in all of these other cloud systems. By taking away that second factor that's required to get into these systems, you improve your ability to maintain your right set of access controls."
MORE: Identity management in the cloud emerges as hot-button issue for CIOs
GSA is at the forefront of the Obama administration's "cloud-first" strategy, which is designed to lower IT costs and eliminate federal data centers through the adoption of cloud-based applications. The new policy requires agencies to identify three "must-move" IT services that can be migrated to cloud computing applications and to complete the migration in 2012.
GSA, a fee-for-service organization, has vowed to be the first agency to meet this "cloud-first" requirement.
"Our administrator Martha Johnson has issued us a mandate that GSA goes first," Coleman said. "Our goal in doing that is that by adopting these technologies, GSA can provide the value and share the lessons learned in deploying them to other federal agencies or other corporations. Our goal is to serve as a public steward for the prudent adoption of new technologies."
By the end of the year, GSA will complete its migration to cloud computing for three popular applications used by its 17,000 employees. GSA selected Google Apps for email, Fiberlink for remote device management, and Salesforce for customer relationship management (CRM) and collaboration. The Google Apps and Fiberlink transitions are done, and the Salesforce migration will be complete in 2012.
"GSA has been enthusiastic and eager to be out in front of other federal agencies in the adoption of cloud computing," said Ray Bjorklund, chief knowledge officer at Deltek, a federal IT market research firm. "To their credit, they have been trying to ensure that all of the cloud concepts and principles work really well for the government. They've been collaborating very aggressively with [the National Institute for Standards and Technology] on security issues."
Free Insider Guide
Rising salaries boost IT optimism, though not everyone is feeling upbeat. Our survey of 4,000+ IT workers shows who's riding the wave and why. Use our interactive tool and compare your own paycheck. Read more...
Copyright © 1994 - 2013 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
