As bad as recent government hacks have been, they could get worse.
Cloud computing might help people work faster and smarter, but it’s not secure enough to meet government standards, according to a poll of federal IT workers.
In a survey released Thursday by Dell and Dimensional Research, nearly eight in ten government information technology workers (74 percent) said that the insecurity of cloud networks would likely prevent more agencies from moving their work to those platforms.
Cloud computing certainly looks attractive to these workers: 71 percent said the cloud enabled better productivity. But lingering security concerns outweigh that appeal. Nearly nine in ten of the respondents (89 percent) said that security was more important to them than convenience.
Cloud systems have been the focus of many devastating cyberattacks in recent years, but hackers are increasingly turning their attention to government servers, too—and finding targets ripe for exploitation. The June security breach at the Office of Personnel Management (OPM) showed that federal IT systems were badly in need of security updates. In mid-June, White House Chief Information Officer Tony Scott ordered a month-long government-wide “cyber sprint” to improve security practices.
Most major attacks on government and private servers alike have exploited the most common vulnerability in network security: employee carelessness. When employees choose weak passwords or open unrecognized attachments, they give hackers a way into a system that might not otherwise be vulnerable. Whether the server is run by the federal government or Amazon‘s highly regarded S3 service, its security is only as robust as the weakest link in its network—and hackers are getting better at casting a net wide enough to ensnare that weak link.
The responses fit a well-known pattern that has stymied IT modernization for years. The U.S. government has consistently struggled to update its computer systems and bring modern hardware and software into the federal workplace, mainly because older systems—while undoubtedly clunky and missing many features that consumers take for granted—have met demanding security standards that competing products can’t yet match.
Government technology systems are so famously outdated that President Barack Obama‘s pioneering use of a BlackBerry represented a historic shift. Senior government officials had relied on the Sectera Edge, a clunky phone vetted by the National Security Agency, as safe enough for sensitive conversations. But Obama, an avowed Blackberry fan, prevailed in getting the NSA to vet and approve a modified version of the smartphone just for him.
As the new Dell–Dimensional Research poll suggests, however, similar advances into the twenty-first century will likely continue to elude the federal government.
Correction: The number of government IT workers who noted the security issues preventing cloud adoption is 74 percent.