Best Practices for Secure Cloud Migration at the Department of Health and Human Services

In recent years, the Department of Health and Human Services (HHS) has worked to embrace the cloud, with HHS’ Acting CIO, Ed Simcox, recently acknowledging that it’s “not necessarily an inherent core competency of the Federal government to run high-tech data centers.”

For HHS, moving out of the Federal data centers into hosted environments has the additional benefit of addressing some of the department’s workforce and cultural challenges. However, the cloud era also creates new challenges for the department’s cybersecurity teams: HHS needs unified data protection on-premises and in the cloud, and the Department must stop bad actors from accessing cloud application data. This guide highlights HHS security challenges and gaps in visibility and provides best practices on mitigating the risk inherent in the mobile-cloud world.