1 / 13

Presented by: Harry Lee, Senior Computer Scientist for Infrastructure U.S. Census Bureau December 5, 2012

“ Does Cloud Computing Offer a Viable Option for the Control of Statistical Data: How Safe Are Clouds” Federal Committee for Statistical Methodology (FCSM) Policy Conference. Presented by: Harry Lee, Senior Computer Scientist for Infrastructure U.S. Census Bureau December 5, 2012.

ania
Download Presentation

Presented by: Harry Lee, Senior Computer Scientist for Infrastructure U.S. Census Bureau December 5, 2012

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. “Does Cloud Computing Offer a Viable Option for the Control of Statistical Data: How Safe Are Clouds”Federal Committee for Statistical Methodology (FCSM) Policy Conference Presented by: Harry Lee, Senior Computer Scientist for Infrastructure U.S. Census Bureau December 5, 2012 U.S. Department of Commerce Economics and Statistics Administration U.S. CENSUS BUREAU

  2. Census Bureau Cloud Approach OverviewAgenda • Cloud Computing Defined • Why Cloud? • Census Hybrid Cloud Approach • Internal Census Use of Cloud Services • External Access to Census Data and Services • Shared Infrastructure and Services • What Controls are Needed? • Is the “Cloud” Safe Enough? • Questions U.S. Department of Commerce Economics and Statistics Administration U.S. CENSUS BUREAU

  3. Census Bureau Cloud Approach OverviewCloud Computing Defined The NIST Definition of Cloud Computing “Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model is composed of five essential characteristics, three service models, and four deployment models.” U.S. Department of Commerce Economics and Statistics Administration U.S. CENSUS BUREAU

  4. Census Bureau Cloud Approach OverviewWhy Cloud? • Alignment with Federal Government Goals, Objectives and Initiatives, primary examples include: • 25 Point Implementation Plan to Reform Federal Information Technology Management (12/9/2010) • “Cloud First” Policy when looking to add IT resources and or capabilities • Federal Cloud Computing Strategy (2/8/2011) • Highly reliable, innovative services quickly despite resource constraints • Digital Government Strategy (5/23/2012) • Better content and data through multiple channels U.S. Department of Commerce Economics and Statistics Administration U.S. CENSUS BUREAU

  5. Census Bureau Cloud Approach OverviewWhy Cloud? • Cloud Benefits - Better, Faster, Cheaper…….even “Greener” • Efficiency • Improved asset utilization (server utilization > 60-70%) • Aggregated demand and accelerated system consolidation (e.g., Federal Data Center Consolidation Initiative) • Improved productivity in application development, application management, network, and end-user • Agility • Purchase “as-a-service” from trusted cloud providers • Near-instantaneous increases and reductions in capacity • More responsive to urgent agency needs • Innovation • Shift focus from asset ownership to service management • Tap into private sector innovation • Encourages entrepreneurial culture • Better linked to emerging technologies (e.g., devices) U.S. Department of Commerce Economics and Statistics Administration U.S. CENSUS BUREAU

  6. Census Bureau Cloud Approach OverviewHybrid Cloud Approach • 3 Cloud Model – Private, Government Community, Public • 2 Consumer Groups – Internal (Census, Partners), External (Gov, Public) • Multiple levels of security – data, apps, network, device, user • Multiple methods of data access – web site, web apps, APIs, VDI, LAN • Shared Infrastructure – network, servers, storage, security • Shared Services – data management, collaboration, applications (composition of two or more clouds that remain unique entities but are bound together, offering the benefits of multiple deployment models.) • Governance & Compliance

  7. Census Bureau Cloud Approach OverviewBoth internal and external Census customers use a growing list of IT services

  8. Census Bureau Cloud Approach OverviewCensus’ public API - Makes data available to developers, both inside and outside of Census

  9. Census Bureau Cloud Approach OverviewMobile applications provide powerful data visualization of the nation’s economy, people &places

  10. Census Bureau Cloud Approach Overview Enabling Telework via a Virtual Desktop Infrastructure (VDI)4 Points about VDI Threats of the user’s device contaminating Census Bureau systems and/or network are eliminated #3 #4 All system administration tasks, systems and software upgrades, backup of user files, etc. occur within the Census Bureau’s Private Cloud #2 Users work with files and applications which are centrally located Virtual Desktop Infrastructure Idle (Available Resources) Firewall Session B Session E Session B Session C Session D Session A Authorized External Session A Session C Note: The Census VDI infrastructure is currently capable of supporting over 10,000 users, is scalable to over a million users, and provides the opportunity to replace all desktops PCs with thin clients. Teleworker/WAH #1 Session D Using personally owned PCs, MACs, or tablets users view work sessions run through a firewall and processed in the Census Bureau’s Private Cloud Session E Users located at Census Headquarters Census Bureau Private Cloud U.S. Department of Commerce Economics and Statistics Administration U.S. CENSUS BUREAU

  11. Census Bureau Cloud Approach OverviewWhat Controls are Needed? • Data Security – Secure the data as primary security control • Application Security – Build security into the application as well as the data being accessed • Network Security – User and device network access controls • Device Security – Control and protect the devices accessing your data/systems • User Authentication and Authorization – For access to “protected” data and associated services • Web Browser Security - Cloud users and administrators rely heavily on Web browsers, so browser security features can lead to cloud security breaches

  12. Census Bureau Cloud Approach OverviewIs the “Cloud” Safe Enough? • With the proper security controls (based on level of data sensitivity) • With the proper visibility (into access and usage) • With the proper reviews (into who and what; and how to improve controls)

  13. Questions? Census Bureau Mission “The Census Bureau serves as the leading source of quality data about the nation's people and economy. We honor privacy, protect confidentiality, share our expertise globally, and conduct our work openly. We are guided on this mission by our strong and capable workforce, our readiness to innovate, and our abiding commitment to our customers.”

More Related