ATF going to the cloud
The Bureau of Alcohol, Tobacco, Firearms and Explosives is nearing a milestone of closing its last remaining data center and moving all of its data and applications to the cloud.
By the end of the fiscal year, ATF wants to have all of its users transitioned over to a new commercial cloud environment and plans to close down the data center and repurpose it for office space, bureau CTO Mason McDaniel told FedScoop.
What could possibly go wrong?
January 28th, 2020 at 5:44 pm
Certainly commercial cloud systems have had security issues. And for this particular case, there is also the risk of deliberate sabotage for political reasons. But on the other hand, the government doesn’t exactly have a good record on data security either, so it isn’t clear if this is a net win or a net loss.
January 28th, 2020 at 6:25 pm
pkoning: Net loss, and here’s why…
When you move to the cloud, whoever is in charge of the subscription is in charge of the security. That usually means developers, and developers have no idea how to set things up in a secure way.
Almost every cloud breach you hear about is because someone checked the wrong box in an Amazon Web Service dashboard.
This makes breaches far more likely.
January 28th, 2020 at 6:26 pm
Also, overheard at the office today…
“I dont trust the cloud”
“Why?”
“A cloud killed Kobe Bryant”
January 29th, 2020 at 7:31 am
wizardpc,
You’re completely incorrect. Moving from bare metal hardware to cloud hardware does not mean you’re also outsourcing your security hardening of the system to the cloud vendor. Also cloud doesn’t necessarily mean the entire infrastructure is completely open to the internet.
January 29th, 2020 at 7:34 am
pkoning,
It’s a net win because you’re lowering the cost of hardware through commoditization.