Supporting the Federal Cloud Computing Strategy
The White House Office of Management and Budget (OMB) is proposing a new strategy to increase cloud adoption across the Federal portfolio and is seeking public comments on the draft. Mark Settle, Okta Chief Information Officer, submitted the below comment to the Federal CIO and OMB—supporting the proposed strategy to utilize IT modernization for the Federal Government to improve citizen-facing services, accessibility, and maintain cybersecurity.
Okta, Inc. expresses its support for the OMB’s proposed Federal Cloud Computing Strategy, and we applaud the recognition on the importance and usefulness of cloud technologies for the modern workforce. At Okta, our vision is to enable any agency to use any technology, and the cloud is foundational to making that a reality for all organizations, whether they are in the private or public sectors. We believe that the implementation of a holistic cloud strategy will lead to increased efficiency of government functions and services, and greater cybersecurity across all federal departments and agencies.
We are pleased to see the shift from Cloud First to Cloud Smart, which mirrors the reality that many large private sector enterprises face. A wholesale adoption of cloud capabilities is rarely feasible or justifiable in practice. Large enterprises, including the Federal Government, have often already invested a lot in their historical IT infrastructure and, in many cases, their operational models are too unique to be overhauled and shifted completely to the cloud. In our opinion, cloud solutions should be evaluated relative to the mission requirements of individual departments and agencies.
We note that justifying new technology investments by identifying cost and operational benefits should be incorporated into the Federal Cloud Computing Strategy because modernization is as much about determining what to stop doing, as it is about what to start doing. The technical debt of legacy systems – both in the Government and in the private sector – is staggering. The private sector routinely justifies investments in new technology by rigorously quantifying cost reductions and operational efficiencies that will be achieved by retiring old systems. These liabilities can be reduced by sustained focus and funding on technical debt reduction.
Finally, we welcome the strategy’s emphasis on risk-based approaches to safeguarding critical systems is consistent with current private sector cyber strategies. More than 80 percent of breaches that occur in the private sector are the result of credential hijacking. Large enterprises that conventionally invested in network and data center cyber defenses are now applying Zero Trust principles to end-users and their devices to counter this threat. The Federal Cloud Computing Strategy recognizes this new reality and advocates for investments in tools and procedures that are specifically focused on mitigating the Government’s greatest security risks.
We are committed to supporting this strategy and look forward to continuing the broader conversation on these topics.