Overuse is a word that is often what people think of when the term is cloud is mentioned. Over the past several years it has been thrown around by IT and business practitioners as well as vendors as though the cloud holds all the answers. Today, we see more pragmatism about the benefits of the cloud and where it can be best put to use. The term not often mentioned or associated with cloud to a great degree is information governance. This is especially true when discussing public cloud services, however, the private cloud is proving to deliver some very unique information governance capabilities. An interesting example can be found in how the NSA is using its private cloud.
An article published by NetworkWorld, Exclusive: Inside the NSA’s Private Cloud, describes how the federal agency is leveraging the private cloud to improve cost, efficiency, and even information governance. Having spent a number of years delivering software and solutions for both public/private clouds it is good to see the benefits we espoused are being realized in production. They are benefiting from cost savings public cloud providers such as Amazon and Apple have enjoyed. It affords the NSA economies of scale through sharing services that reduce expenditures on space, power, and cooling. However, that’s not necessarily the most beneficial part of the NSA cloud.
The concerns relative to security and compliance have echoed for a while in the market and with good cause given recent data breaches at cloud providers, e.g. Apple. Given the classified nature of NSA information, it’s an infinitely greater concern as is the ability to rapidly share data across the organization for analyzing potential threats. By bringing together data sets from multiple systems they are able to protect and enforce the authorized use of each piece of data. It’s important to note that they are working to manage and govern information at its most granular level, i.e. each piece of data.
This is accomplished by tagging data assets with metadata allowing it to track what happens to the data while it’s within the shared cloud infrastructure. The NSA also applies tagging to people so they are essentially able to track when data arrived, who can access it as well as those who did access it and whether the downloaded, printed, copied, forwarded and or modified the data. Metadata tags also provide IT staff with notification of when data is ready to be purged. The ease of sharing and collaboration based on information accessible in the “same bucket” by multiple analysts is another benefit to the “speed, depth and efficacy of their work” (something we want from the NSA).
The NSA just didn’t go out and by a private cloud off-the-shelf. They did a lot of development and integration on their own so it’s not like organizations can easily replicate what they have done right away. However, the architecture and capabilities of the NSA cloud can serve as the basis for evaluating what your information governance needs are and how the cloud, public or private, might satisfy those requirements.
Not a member? Join the community
Already a member? Sign in
Become a CGOC Member and have access to resources, white papers, surveys, proceedings, and practice tools such as the Information Economic Process Assessment Kit. CGOC Members receive first priority to regional CGOC executive meetings around the world.
Asterisks (*) indicate fields required for registration