When it comes to the cloud, state governments like the one in Maryland are combining commercial-cloud providers with their own data centers for mission delivery, backup and recovery.
Michael Leahy, Maryland’s secretary of information technology, said he’s forged a strong relationship with his “principal partner,” Amazon Web Services.
“We also have a private data center — that’s located in two Maryland locations — that holds most of our data,” Leahy said on Federal Monthly Insights — Cloud.
Leahy’s top cloud concern is security of both the state’s storage and compute and disaster-recovery strategies.
“With all the recent network breaches, [Maryland’s IT Department (DoIT)] has been working really hard to incorporate additional layers of security within our AWS environment,” Leahy said on Federal Drive with Tom Temin.
Lately, two tools DoIT has been working with are AWS’s security hub and its control-tower architecture.
“Security hub is a mix of security controls that can be used to take security to the next level, if you will,” Leahy said. “In addition to the security hub, we’re also deploying control tower. And once the security hub is fully deployed, we will effectively have standardized security platforms that aggregate, organize, and prioritize our security alerts.”
When discussing the use of the public cloud, Leahy praised the Maryland vaccine management system, especially as the supply was becoming more plentiful and more citizens wanted to get inoculated.
“The state put a system in place to create first appointments and more recently, a system of pre- registering to get the vaccine, where we would have 10,000 vaccine appointments accounted for and taken in less than a minute,” Leahy said. “So obviously, if the system was not built to scale, to take in 10,000 phone calls or Web visits rather instantly, we would have had a much larger problem if the system had crashed.”
Leahy said that part of the plan is backups. In fact, he chuckled after saying, “You can never have too many backups.”
“I suspect that as we determine whether we are going to have a more significant enterprise like storage capability, we will move that to the public cloud relatively quickly, with regard to agencies that have significant compute and storage within their own legacy systems. Again, the controlling factor, there’s the modernization of those systems, and their capacity to build the API’s and the data calls that don’t require them to call separate databases and incur those fees,” Leahy said.