Public-sector organizations are moving to cloud for speed and agility just like everyone else. But will their notoriously time-consuming compliance processes defeat the purpose?

To bring regulation up to cloud speed, some are building compliance as code right into cloud services. 

Government organizations have unique needs, but many adhere to certain basic compliance requirements, according to Tres Vance (pictured), director of strategic partners at Red Hat Inc. It’s important to set these rules and regulations into the code and provide visibility into them so that use of cloud services is not weighed down by manual processes.

“There is a level of trust that you can have in the software supply chain that’s being created, not only with these, but the things that the customers are building based on these solutions,” he stated.

Vance spoke with John Furrier, host of theCUBE, SiliconANGLE Media’s livestreaming studio, during AWS re:Invent. They discussed the compliance-as-code movement and Red Hat’s latest announcement with partner Amazon Web Services Inc. (* Disclosure below.)

Public sector gets its day cloud, open source

Vendors with a long arm in open source, like Red Hat, can plop customers’ suggestions directly into the upstream developer community. This enables them to promote changes at the code level that in turn deliver value to them. When those customers are in the public sector, this means things like complying Federal Information Processing Standards and expressing control statements with NIST SP 800-53, which is critically important for cloud service offerings, Vance explained. 

Red Hat’s compliance-as-code features can be examined both in its GitHub repository and also its website, where it articulates how its products work with those compliance frameworks. 

Naturally, Red Hat is tapping long-time partner AWS — which through its Public Sector business has many highly regulated customers — to move deeper into compliance as code. The two are preparing to bring out Red Hat OpenShift Service on AWS, which will be “first native offering and joint offering by AWS with a third party such as ourselves,” Vance said. 

Red Hat is working to bring its whole portfolio into the AWS cloud for, among other things, managed services that turn operational processes into code for public-sector customers. 

One example of a highly regulated body that’s successfully leveraged cloud agility through Red Hat products is the United States Navy. Compile to Combat 24 program.

“The idea is that you can have software that has created a new capability deployed and in theater within a short period of time. We’re very fortunate and very glad to be a part of that and continue to iterate in that way,” Vance concluded. 

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of AWS re:Invent. (* Disclosure: Red Hat Inc. sponsored this segment of theCUBE. Neither Red Hat nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE