While cloud technology isn’t new, many people still have several questions about it – especially when it comes to putting public safety data in the cloud. I recently sat down with Rick Zak, director of Justice & Public Safety Solutions at Microsoft, to get answers to some of the most common cloud questions out there.
Kristen Goode: Let's start with the very basic. What is the cloud?
Rick Zak: The cloud is about leveraging a trusted provider for a secure computing infrastructure instead of your own. If you're a law enforcement agency, you have a lot of infrastructure in your basement. You've got racks, you've got servers, and you support your own users in many ways. The cloud is about leveraging somebody else's computing capacity to complement your own.
KG: How secure is the cloud?
RZ: It's important to know the same rules around security and compliance that an agency has for the data they manage in their own data center apply when they go to the cloud. There are no exceptions, and there are no security freebies.
You can't say, "Well, our data center is CJIS compliant, but what’s in the cloud doesn’t have to be." It doesn't work that way. The same standards that apply in your house, apply in our house.
KG: So, you’re saying an agency’s data will have the same protections in the cloud as it would on-premises?
RZ: I would argue that, for a lot of agencies, they can actually step-up their security and compliance by coming to the cloud through Microsoft and Hexagon because we've already made the investments, and we have a deeper team on cyber than a public safety agency would.
At Microsoft, we spend several billion dollars a year on security and compliance. That means even the smallest agencies who are using Azure and Hexagon get the same cyber security investment that the largest agencies get.
KG: How is Microsoft Azure evolving to keep up with ever-changing security needs?
RZ: Because we run a cloud infrastructure, we are constantly engaged around cyber and around cybercrime. We take what we learn and embed it into our cloud platforms.
For example, we run a digital crimes unit in our headquarters outside Seattle. From there, we partner with law enforcement agencies around the world. We don’t just provide them the tools that they need to stop cybercrime, but we actually partner with them to support their work and stop malware and support prosecutions. Everything we learn from the cyber defense gets baked into our cloud.
And, so, it’s a perpetual learning process for us.
The other piece that's important here is when we build a data center, we don't put security and compliance in at the end. Instead, security and compliance start with the first shovel of dirt when we build a data center.
What questions do you have about the cloud?
If you have additional cloud questions you want answered, reach out to us on social media or visit us in person at APCO 2019 in Baltimore, MD, August 11-14.
Interested in moving your public safety solutions to the cloud? Check out our comprehensive portfolio of public safety solutions, HxGN OnCall.