Last updated: October 7, 2011 - 8:13am
A rush by President Barack Obama's Administration to move U.S. government agencies to cloud computing services may lead to unintended security problems and other headaches, some lawmakers said during a House Homeland Security Committee hearing. While agency adoption of cloud computing could save money, it may also lead to questions about control of agency data, about data portability and about whether cloud vendors will be prime targets for cybercriminals, several members of the committee's cybersecurity subcommittee said during a hearing.
"Our concern is that the cloud offers a rich target for hackers, criminals, terrorists, and rogue nations," said Subcommittee Chairman Dan Lungren (R-CA). "With cyber-espionage affecting every sector of our economy, aggregating important information in one location is a legitimate security concern. You might say it's a target-rich environment." Many cloud providers spread data across servers and data centers to reduce risk, said Timothy Brown, senior vice president and chief architect for security at CA Technologies. "Little pieces of your data are stored in little pieces on servers all over the world," he said. "Therefore, they can't be reconstituted into one piece." Other subcommittee members questioned whether agencies should use the services of foreign cloud providers and what will happen to an agency's data if its cloud provider goes out of business. Lawmakers need to examine cloud computing's benefits and risks after the Obama administration issued a "cloud first" strategy for IT deployment in February, Rep Lungren said. Five of seven witnesses before the subcommittee defended cloud computing, saying it can save U.S. agencies significant money and allow them to upgrade their technology much faster than they can with in-house systems.
- Cloud Computing: What are the Security Implications?
- Outgoing Rep Lungren hopes to remain engaged in cybersecurity efforts
- House action on DHS cyber oversight conflicts with Senate proposal
- House to vote on four cyber bills, leaves out Lungren measure
- Cyber Command Chief: DoD Moving to the Cloud
- High-tech storage raises questions
- DHS Sec Napolitano backs Senate cybersecurity bill, industry reporting requirement
- Policy Would Require Agencies to Patch Cybersecurity Holes Within 72 Hours of Discovery
- House Homeland Security Panel Fights to Stay in Cybersecurity Debate
- Lawmakers join forces on cybersecurity legislation
- Republicans: Report shows DHS not up to cybersecurity challenge
- Forecast for cybersecurity bills looks cloudy in reconvened Congress
- DHS official: Agencies must make high-risk cyber threats top priority
- Recap of "Cybersecurity: Network Threats and Policy Challenges"
- Senator Hopes for a Vote on Cybersecurity Measure Before Elections