David Bennett, Defense Information Systems Agency chief information officer, has singled out risk as a top consideration for federal IT leaders deciding to migrate critical data to the cloud, Nextgov reported Tuesday.
“You have to understand risk and the data you’re dealing with,” Bennett said at a Nextgov event, according to Frank Konkel‘s report.
“As you look at those things, you have to ask questions like, ‘What controls do I have in place?,’” Bennett added.
DISA has started to approve products at Impact Levels 1 and 2 for handling unclassified public and private information and intends to hand out authorizations for Impact Levels 3 and 5 to manage higher-risk unclassified data.
Konkel reports the agency also intends to take applications for a proposed Impact Level 6 to manage classified defense data.
“Going to the commercial cloud is new for us, and we as application owners have to make conscious decisions,” Bennett said.
“I don’t think there is any right answer, you have to look at a variety of factors.”