Britain's G-Cloud strategist plays down security concerns

Powered by SC Magazine
 

Government CIOs chided for hiding behind security concerns.

Britain's former cloud computing champion John Suffolk has challenged Australian government chief information officers to justify their concerns about security in the cloud.

Speaking at the Technology in Government Summit in Canberra this month, the former government CIO chided his peers for using security as a means of deferring trials of cloud computing.

Suffolk led the development of Britain's G-Cloud, a plan that was published by the Cabinet Office last year and was expected to cut £3.2 billion from the Government's annual spend by 2013-14.

“We should not underestimate cloud computing,” he told delegates in Canberra.

Although security had to be considered before introducing new, government cloud computing services, Suffolk argued that security issues were exaggerated and used as an excuse for avoiding the cloud model.

Major IT suppliers had a vested interest in fuelling such concerns, he speculated, adding that proprietary vendors were "very, very concerned".

"You mean you are not going to give [suppliers] license fees for doing nothing? It’s a big issue. The industry is fundamentally changing," he said.

After leaving the British Cabinet Office in November, Suffolk advised the World Bank High-Level Experts group, helping governments understand how technology could improve the public sector and generate economic growth.

He planned to join Chinese networking and telecommunications vendor, Huawei, as its global cyber security officer (GCSO), commencing 1 October.

Suffolk challenged members of the audience to clarify how having the term “cloud” in front of a government data centre made it any less secure than a physical service.

“Tell me how your security model has changed?” he asked cloud adopters.

He argued cloud computing should not be viewed as a threat for government, but an opportunity,.

“My advice is dip your toe in the water. Try it. Put some services into a cloud-based model -- public or private depending on your security model," he said.

"Begin to migrate your services. Begin to downgrade your legacy [infrastructure] in terms of what goes on it. Because if [a cloud trial] doesn’t work, you will not have invested a whole lot of capital.”

Addressing immaturity and lock-in

Suffolk encouraged agency CIOs to design environments in which applications were seperated from the underlying platform, in order to avoid being locked into particular vendors or immature cloud offerings.

“You can come up with cloud models that separate apps from infrastructure," he said. "It’s like buying electricity but having a choice over what kettles you might plug in.

“If it’s a low risk app do you really care on the basis that it’s pay for use?" he added.

Meanwhile, any agencies planning to adopt the cloud model for a “core critical system” should put the same effort into analysis, design and architecture as they would in a non-cloud world, he said.

Copyright © iTnews.com.au . All rights reserved.


Britain's G-Cloud strategist plays down security concerns
John Suffolk, former British Gov CIO.
 
 
 
Top Stories
Slow progress in Turnbullistan
[Blog post] How has the NBN moved ahead since regime change?
 
Hacks and frauds can't dampen Bitcoin buzz
[Blog post] Enthusiasts meet in Melbourne.
 
Qantas checks in with cloud computing
Impressed with results of public cloud bake-off.
 
 
John Suffolk, former British Gov CIO.
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  22%
 
Application integration concerns
  3%
 
Security and compliance concerns
  30%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  24%
 
Lack of stakeholder support
  4%
 
Protecting on-premise IT jobs
  4%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 539

Vote