Cloud will happen in government, but it will happen cautiously says former US CIO

Just last week covered the launch of Google App for Government, a special version of the Google Software-as-a-Service (SaaS) suite that has stronger security capabilities to meet US government requirements.
But while Google creates the opportunity, former US government executives suggests to verify that opportunity carefully.

Earlier today FutureGov in fact published an interview with Hord Tipton, who has been the CIO of US Ministry of the Interior for five years. Hord is now the Executive Director of the International Information Systems Security Certification Consortium (ISC)2.

Tipton said a number of interesting things:

For the private sector, losing data is highly inconvenient. For government, it could mean losing a person’s identity, or worse where critical infrastructure is concerned. People could get killed if data is lost.

Having trust in your vendor is critical. A supplier’s tolerance to risk is often an unknown. If his approach to risk is not aligned with yours, you have a problem. And you need a highly skilled team in place that is capable of managing a number of issues, not least security, in an enterprise type way.

Tipton also reported that the US Department of Defense has put “communications applications and widgets” in the cloud but that it took two years to plan its cloud computing platform, plus exhaustive testing.