This blog is an excerpt from GovLoop’s recent guide, “Tech Priorities for a Modern State and Local Government.”
Today, many IT leaders at the state and local government level understand that cloud computing is crucial to their IT service delivery and future growth. With the high stakes of meeting mission needs and delivering critical services to citizens, assessing and selecting a cloud provider is more important than ever to government today.
But you can’t pick any cloud vendor out there. When selecting a cloud provider, it is critical for state and local government agencies to review the facts to better understand what is being delivered in areas such as trust, security, compliance, and resiliency.
To help government understand how they can better pick the right cloud provider for them, GovLoop sat down with Stuart McKee, Chief Technology Officer, U.S. State and Local Government, Microsoft, to discuss the topics and facts that government needs to take a critical look at.
“It’s more obvious than ever that all clouds are not created equally,” McKee said. “State and local governments have to select a provider they can trust. So the question becomes, how do you measure trust?”
According to McKee, one thing that sets Microsoft apart is their transparency pillar. “We have really embraced the idea that as we deliver cloud capabilities, we’re asking government to trust us with their most sensitive data. And if that’s the case, then we should be willing to trust government with our most sensitive data, which is the core principle underneath our transparency agenda.”
McKee emphasized that trust in cloud vendors comes from a variety of areas, but most importantly, in that a vendor can prove they can provide high levels of security, compliance, and resiliency in their cloud offerings.
In terms of security, everybody knows that cyberthreats are continuing to evolve. “This means you need a cloud security provider who understands the threat landscape, has a history of protecting against them, and proven experience responding to them to give you more confidence in the security of your data,” McKee said.
In terms of compliance, requirements are complicated: from HIPAA to the IRS to CJIS Security Policy to the Department of Defense and FedRAMP, cloud service providers need to not only understand compliance standards but prove to government they can meet them. Microsoft is the only cloud service provider that offers a cloud that is DoD Impact Level 5 Provisional Authorization (PA)-ready for infrastructure, platform, and productivity services.
“In the case of compliance, we have a lot of customers that are challenged” McKee said. “Their cost of compliance is fairly significant. Just the processes that they’re going through to try and prove compliance, or deal with auditors, or, the operational overhead can be significant. But at Microsoft, we build the ability to deal with compliance into our products.”
Finally, in terms of resilience, a vendor’s cloud policies should be flexible and should enable governments to select the most suitable cloud types for delivering their services in a secure and robust manner.
“Most government today ask, how do we move forward responsibly, and how do we take advantage of these capabilities in the most responsible way? And at Microsoft we’re trying to help customers see the incremental steps they can take and how they can do that resiliently.” McKee went on to explain that government agencies don’t need to rip and replace, and throw away everything they’ve got when it comes to implementing a new cloud vendor. “What we are telling you is that there’s new capabilities that you can take advantage of right now, and Microsoft is here to help you do that.”
In short, McKee added, you need to closely review and understand what your cloud vendor can provide you, and make sure their offerings were built to meet the compliance and security demands necessary to support the missions of government, public safety, and defense.
With nearly 6 million Microsoft Government Cloud users across more than 7,000 federal, state and local government entities in the U.S. alone, Microsoft is committed to supporting the needs of government agencies and to building the most trusted, comprehensive cloud for government.
“When you choose the right cloud vendor,” McKee said, “you can do so much more. And with limited resources, what a great thing it is to spend less time on paperwork, and more time on saving lives instead of worrying about technology.”
For more information about how to innovate state and local government, you can find the full guide here.