Two members of Congress introduced legislation that’s designed to help pave the way for the Department of Defense to make greater use of cloud computing resources. That is, as long as specific security requirements are met.

The bill would require a full evaluation of the overall security and potential capabilities of the current DoD cloud system. This means use of best practices related to cloud security by both public and private entities to establish security requirements for the DoD. Also, an examination of the potential for commercial cloud providers to host DoD information systems.

This is a step in the right direction for the DoD, although it’s a bit disturbing that lawmakers had to push them to the cloud and they did not make the move themselves. However, the “lacking security” excuse was front and center at the DoD, and now that seems to be off the table.

The DoD has a long way to go, in terms of moving to the cloud, with thousands and thousands of applications that would need to be migrated. Many of these applications must change to take advantage of cloud native feature, as well as require better security models. I guess it’s time to get started.