Best Practices

Properly planned and well-executed, cloud migration can result in significant savings, increased efficiency and performance, and even enhanced privacy and security. This section of the site includes case studies of cloud deployments with the goal of articulating best practices and potential pitfalls by focusing on the risk management, strategic planning, and resource management issues that define a successful cloud transition.

Mr. FedRAMP: Understand your data before you move to cloud

Greg Otto, FedScoop,  Wednesday, November 11, 2015

One of the biggest challenges for federal agencies looking to move to the cloud is figuring out what types of data they have and where that data can reside, the head of FedRAMP said Tuesday. At the Red Hat Government Symposium, FedRAMP Director Matt Goodrich said even as agencies are mixing in cloud instances with their legacy systems, they are struggling with what data they have and where it's appropriate to put that data.

Making the most of the hybrid cloud

Matt Lawson, GCN,  Tuesday, November 10, 2015

2015 has become the year when the cloud evolved from a solution for individual projects to a true piece of “shared infrastructure” utilized across multiple agencies. This shift has pointed agencies to a hybrid cloud environment, which provides a broad portfolio of IT capabilities including innovation, agility, scalability, cost and security.

The Definitive Cybersecurity Guide for Directors and Officers

Security Roundtable,  Monday, October 12, 2015

Collecting the expertise and experience of CEOs, CISOs, lawyers, forensic experts, consultants, academia, and current and former government officials, this anthology is intended for those new to the cybersecurity topic, as well as seasoned leaders in the field. It contains practical and expert advice on a range of cybersecurity issues, including compliance and breach avoidance, prevention and response.

Open hybrid clouds: A new approach to cloud computing

Adam Stone, C4ISR,  Saturday, October 03, 2015

In recent years, cloud computing has delivered information technology managers a means to streamline their practices and reduce operating costs. Now, a new range of tools has emerged to help IT make the most of cloud’s potential. Hybridization has opened new doors, as has the promise of open-source development. Taken together, the open hybrid cloud raises the bar for military cloud users.

5 tips for securing apps across multiple clouds

Rutrell Yasin, Fedscoop,  Thursday, October 01, 2015

Creating a hybrid cloud computing environment – one that relies on a mix of on-premises and public cloud services – holds out the promise of greater flexibility for federal agencies on where to run diverse workloads and applications. It also promises greater computing economies. But enforcing policies and security controls between and among multiple clouds can be tricky business. Agency managers can encounter a myriad of challenges as they use multiple cloud providers in conjunction with their own internal private cloud infrastructure. Issues surrounding compliance, data flow and protection, security, and visibility o

Data sovereignty and the cloud: How do we fully control data amidst the cloud sprawl?

David Auslander, CloudTech,  Wednesday, September 09, 2015

One of the basic tenets of cloud computing is the ability to provide access to resources across a geographically dispersed cloud environment. This makes the cloud ideal for global distribution of applications and data. But what about those geographies that have highly restrictive data sovereignty laws or practices, such as Germany, Austria and South Korea? What about governmental bodies attempting to protect information while utilising the cloud?

Microsoft Beefs Up Azure Virtual Machine Cloud Backups

Pedro Hernandez, eWeek,  Tuesday, August 25, 2015

Microsoft has upgraded its Azure infrastructure-as-a-service (IaaS) virtual machine backup service, providing enterprises with more headroom as they implement their cloud-based data protection programs, the company announced. "The new set of features includes support for virtual machine backup with more data disks, long-term retention and more," said Trinadh Kotturu, a program manager in Microsoft's Cloud and Enterprise group. "These features strengthen Azure Backup's ability to back up Azure IaaS virtual machines in a simple and reliable way." The service now supports virtual machines (VMs) that span "16 data disks in addition to the OS disk," he noted. Customers also can expect more predictable backup times as a result of the new enhancements and optimizations.

Five Reasons for Leaving Your Data Where It Is

Markus Rex, Datanami,  Tuesday, August 25, 2015

As cloud adoption continues its meteoric ascent, the number of access points to enterprise data also increases. And while keeping data on premise is no guarantee of security, it does drastically reduce the number of access points. But the case for keeping data on premise goes far beyond a common sense security and risk mitigation play that tells us the fewer servers our data runs through, the safer it is.

DISA’s best practices for cloud migration

Mark Pomerleau, GCN,  Saturday, August 22, 2015

The Defense Information Systems Agency recently released “Best Practices Guide for Department of Defense Cloud Mission Owners” for those planning to migrate existing systems from physical environments to the cloud. The guide follows the release of three other documents in July regarding cloud computing security requirements.

Making Police Body Cams Work on a Mass Scale (Industry Perspective)

Jeff Gould by Jeff Gould,
Monday, August 17, 2015

The purpose of body-worn cameras is not to fill petabytes and exabytes of disk space in football-field-size data centers. The goal is to improve interactions between the police and the public they serve. To justify its cost, law enforcement agencies must be able to filter through footage quickly and effectively. They need to review it for investigative, training and disciplinary purposes. They need to share it with fellow agencies, prosecutors and defense lawyers. Last but not least, they need to be able to disclose it – at least selectively – to the public and the media. All this will have to happen while guaranteeing chains of custody, ensuring that only authorized users have access, and protecting the privacy of citizens and officers. The fundamental problem that police departments gathering large amounts of video face is that the daily tasks they need to perform with this video are labor-intensive. Searching through thousands of hours of video, transcribing and indexing what is said in them, blurring the faces of citizens or officers to protect their privacy – these tasks are impossible to perform at scale without assistance from powerful automation tools.