Network World - As the General Services Administration (GSA) migrates to a work-anywhere, work-anytime strategy, the real estate arm of the U.S. federal government is discovering that having an iron-clad security strategy is critical to its adoption of cloud-based applications.
GSA says the combination of a unified directory service, single sign-on software that covers both cloud- and premises-based applications, and two-factor authentication is allowing the agency to meet regulatory mandates for information security. GSA uses passwords and smart cards for authentication.
"Identity management is really a critical piece of this," said GSA CIO Casey Coleman. "We have a two-factor authentication solution. You can use that two-factor authentication solution as the main criteria for provisioning and de-provisioning. When an employee comes on board, nothing happens until you issue a credential or token, and when they leave that's the first thing that's reclaimed. By doing that, you don't have to turn off accounts in all of these other cloud systems. By taking away that second factor that's required to get into these systems, you improve your ability to maintain your right set of access controls."
GSA is at the forefront of the Obama administration's "cloud-first" strategy, which is designed to lower IT costs and eliminate federal data centers through the adoption of cloud-based applications. The new policy requires agencies to identify three "must-move" IT services that can be migrated to cloud computing applications and to complete the migration in 2012.
GSA, a fee-for-service organization, has vowed to be the first agency to meet this "cloud-first" requirement.
"Our administrator Martha Johnson has issued us a mandate that GSA goes first," Coleman said. "Our goal in doing that is that by adopting these technologies, GSA can provide the value and share the lessons learned in deploying them to other federal agencies or other corporations. Our goal is to serve as a public steward for the prudent adoption of new technologies."
By the end of the year, GSA will complete its migration to cloud computing for three popular applications used by its 17,000 employees. GSA selected Google Apps for email, Fiberlink for remote device management, and Salesforce for customer relationship management (CRM) and collaboration. The Google Apps and Fiberlink transitions are done, and the Salesforce migration will be complete in 2012.
"GSA has been enthusiastic and eager to be out in front of other federal agencies in the adoption of cloud computing," said Ray Bjorklund, chief knowledge officer at Deltek, a federal IT market research firm. "To their credit, they have been trying to ensure that all of the cloud concepts and principles work really well for the government. They've been collaborating very aggressively with [the National Institute for Standards and Technology] on security issues."
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- What Datapipe customers need to know about the new PCI DSS 3.0 compliance standard This handy quick reference outlines what PCI DSS 3.0 is, who needs to be compliant and how Alert Logic solutions address the new...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- The Critical Role of Support in Your Enterprise Mobility Management Strategy Most business leaders underestimate the importance of tech support when they choose an EMM solution. Here's what to put on your checklist.
- Separating Work and Personal at the Platform Level: How BlackBerry Balance Works BlackBerry® Balance™ separates work from personal on the same mobile device, right at a platform level. Find out how it can work for...
- Live Webcast Best Practices for the Hyperconverged Enterprise Network To the Age of Constant Connectivity and Information overload
- Getting Ready for BlackBerry Enterprise Service 10.2 Find out how BlackBerry® Enterprise Service 10 helps organizations address the full spectrum of EMM challenges, while balancing the needs of both the...
- Containerization Options: How to Choose the Best DLP Solution for Your Organization This webcast outlines a framework for making the right choice when it comes to containerization approaches, along with the pros and cons of... All Networking White Papers | Webcasts