New NIST cloud synopsis highlights both benefits and areas for improvement

June 1, 2012

With FedRAMP ready to launch in early June and cloud computing an ever more formidable force in the world of technology, the National Institute of Standards and Technology (NIST) released a special publication aimed at demystifying the cloud in general language. While the report details many of the open issues, like data security, that still surround the cloud's adoption process, it also highlighted the many benefits.

Even as many government departments struggle in their attempt to embrace the Obama administration's cloud-first policy, the cloud is growing. An enterprise IT company's study anticipates that U.S. government spending on commercial cloud services will expand over the next five years at a compound annual rate of 34 percent.

The cloud budget in the U.S. government is still formidable, coming in at $734 million in the 2012 fiscal year. By 2017, the survey anticipates that the government will be spending $3.2 billion, more than four times the current amount. A study from British research company Visiongain predicts that the worldwide cloud budget is already at $37.9 billion in 2012, on a pace to increase rapidly all across the developed world, alongside the growth in the United States.

Increased adoption will be pushed along by the benefits of the cloud. The NIST highlighted scalability as one benefit the cloud offers. With that comes the small footprints that products and services in the cloud make, meaning that the security software-as-a-service provides a lower level of risk than many traditional applications. The other major benefit that the report trumpeted was the ability of cloud services to save the organizations that used them significant amounts of money.

NIST also took a step that many other advisory bodies have taken in recent months, proposing that there needs to be a better sense of standardized options. Cloud security was also highlighted, as the open sharing of hardware was a concern, especially with such sensitive data in the hands of many government agencies. Data security in the cloud was one area that the NIST needed more assurance with, partly because the vulnerabilities can extend all the way to the end-user's browser.

As U.S. government agencies are closer than ever to making the leap, the NIST also sought to use its report to aid IT professionals throughout the public sector in making decisions about cloud computing. Combined with the new certification process coming with FedRAMP, government decision makers will be armed with more information on the growing technology than ever before.

-McAfee Cloud Security