Network World - As the General Services Administration (GSA) migrates to a work-anywhere, work-anytime strategy, the real estate arm of the U.S. federal government is discovering that having an iron-clad security strategy is critical to its adoption of cloud-based applications.
GSA says the combination of a unified directory service, single sign-on software that covers both cloud- and premises-based applications, and two-factor authentication is allowing the agency to meet regulatory mandates for information security. GSA uses passwords and smart cards for authentication.
"Identity management is really a critical piece of this," said GSA CIO Casey Coleman. "We have a two-factor authentication solution. You can use that two-factor authentication solution as the main criteria for provisioning and de-provisioning. When an employee comes on board, nothing happens until you issue a credential or token, and when they leave that's the first thing that's reclaimed. By doing that, you don't have to turn off accounts in all of these other cloud systems. By taking away that second factor that's required to get into these systems, you improve your ability to maintain your right set of access controls."
GSA is at the forefront of the Obama administration's "cloud-first" strategy, which is designed to lower IT costs and eliminate federal data centers through the adoption of cloud-based applications. The new policy requires agencies to identify three "must-move" IT services that can be migrated to cloud computing applications and to complete the migration in 2012.
GSA, a fee-for-service organization, has vowed to be the first agency to meet this "cloud-first" requirement.
"Our administrator Martha Johnson has issued us a mandate that GSA goes first," Coleman said. "Our goal in doing that is that by adopting these technologies, GSA can provide the value and share the lessons learned in deploying them to other federal agencies or other corporations. Our goal is to serve as a public steward for the prudent adoption of new technologies."
By the end of the year, GSA will complete its migration to cloud computing for three popular applications used by its 17,000 employees. GSA selected Google Apps for email, Fiberlink for remote device management, and Salesforce for customer relationship management (CRM) and collaboration. The Google Apps and Fiberlink transitions are done, and the Salesforce migration will be complete in 2012.
"GSA has been enthusiastic and eager to be out in front of other federal agencies in the adoption of cloud computing," said Ray Bjorklund, chief knowledge officer at Deltek, a federal IT market research firm. "To their credit, they have been trying to ensure that all of the cloud concepts and principles work really well for the government. They've been collaborating very aggressively with [the National Institute for Standards and Technology] on security issues."
- How WAN Optimization Helps Enterprises Reduce Costs If you wanted to break down innovation into a tidy equation, it might go something like this: Technology + Connectivity = Productivity. Productivity...
- Four Little-Known Ways WAN Optimization Can Benefit Your Organization WAN optimization has evolved into a complete system that optimizes traffic across a broad range of most popular applications while providing deep visibility...
- SharePlan Security SharePlan is a continuous, secure, enterprise-ready file sync and share platform that facilitates smart, real-time collaboration across all devices.
- Three Ways Your DNS Can Impact DDoS Attacks Domain Name System (DNS) plays a big role in consumers' day-to-day Internet usage and is a critical factor when it comes to distributed...
- Online Video and Web Traffic: Sochi 2014 Winter Olympic Games Over 25 leading global broadcasters worked with Akamai to deliver the action, excitement and inspiration of Sochi because they understand online viewers expect...
- Video surveillance for IT: maximum image quality, minimum bandwidth Join us on Thursday, May 8th at 1 p.m. EST when Willem Ryan, Senior Product Marketing Manager at Avigilon, will discuss how IT... All Networking White Papers | Webcasts