Pamela Dyson is shepherding a determined, if incremental, effort to move her agency's applications to the cloud.
Dyson was named the CIO at the Securities and Exchange Commission in February, after having joined the agency in 2010, when she joined an ambitious initiative to modernize and improve efficiencies in the SEC's IT infrastructure.
Dyson shared her thoughts on the cloud-enabled Software-as-a-Service (SaaS) model during a recent presentation hosted by Federal Computer Week, explaining that the SEC's Office of Information Technology holds out four overarching IT priorities: modernizing its aging infrastructure, improving business agility, harnessing big data and analytics, and what Dyson calls digital transformation -- updating applications and access to better serve end users.
And for many of those applications the SEC is looking to the cloud and the SaaS model, while taking care to ensure that the sensitive data and systems the agency oversees remain secure.
"We want reusable highly scalable and flexible platforms," Dyson says. "We want to strengthen our cybersecurity and continuous monitoring posturing -- that's very important whether we're working on-prem or in the cloud."
The determination of whether or not to roll out a SaaS application at the SEC "has a lot to do with timing," Dyson explains. The regulatory agency is charged with drafting and implementing rules for the securities industry, a process that is guided by deadlines mandated in statute or by the commission's own timetable. In that context, the consideration of a cloud deployment can become a question of whether or not the technology will support the agency's regulatory mission.
The SEC, like many other federal outfits, continues to run numerous legacy systems and applications, many deeply rooted in the agency's computing environment.
As a first step, the commission set about doing some of the spadework to modernize its infrastructure. That meant virtualizing and dramatically consolidating its data-center operations, reducing the footprint from tens of thousands of square feet to fewer than 5,000, according to Dyson.
The SEC has been judicious in its move to the cloud, though Dyson's team has already transitioned several key applications to a SaaS model, including its response tracking system, a CRM application, and the Market Information Data Analytics System, or MIDAS, a program that gathers billions of proprietary data points from the 13 national equity exchanges that are then made publicly available.
The commission has also moved to the cloud its emergency notification system, the program that can send out an alert to all SEC employees in the event of an emergency. That means that the SEC had to commit to push employee data outside its internal systems, but reasoned that the security concerns were manageable and that a level of redundancy was prudent for an emergency response system.
Sign up for CIO Asia eNewsletters.