Cloud Computing

Feds trace path to the cloud

Cloud computing icon

The federal government's "cloud first" policy was articulated back in 2010, but adoption remains an ongoing process. Agencies have concerns about control, security and how interactions with commercial cloud providers will operate on a day-to-day basis. At the same time, they're facing deadlines to identify key technology functions to put in the cloud, and close data centers. Federal CIOs and private-sector cloud vendors shared their experiences at a Capitol Hill panel discussion July 10 held by the Information Technology and Innovation Foundation.

Navy CIO Terry Halvorsen cautioned against thinking of cloud as a single answer to the problem of lowering costs and improving mission. Halvorsen said the Navy has taken $1.4 billion out of its overall data center costs, and cloud has been a part of that savings. Navy officials put their public-facing data into an Amazon Web Services cloud, which saved 50 percent of initial costs.

But Halvorsen is not interested in blazing trails. "Where we want to be is taking advantage of where the commercial technology has proven to be effective to get the mission done at lowest cost," he said.

Halvorsen has no plans to put the Navy's high-security or classified information into a public cloud. There's also information that doesn't get accessed frequently enough, or by enough different users, to require a cloud solution. "It is going to be a blended environment, where we're using almost every blend you can think, so that we are spending less money and getting more value."

Frank Baitman, CIO of the Health and Human Services Department, sees cloud as a way to improve the fractured IT governance at some agencies, where money is appropriated to programs, and program managers go out and purchase IT to support that program, without regard for what other elements of an agency are doing.

"Cloud-based computing makes a compelling case for having an enterprise-wide view," he said. "It presents an opportunity for us to maintain control over the programs that are important, and get more for less money and put that money back into the mission, not into the technology." HHS also works with Amazon, but Baitman said he sees the opportunity to work with other cloud service providers as well, and create a more competitive environment.

Widespread competition will have to wait, however, for more cloud providers to be certified to supply the government with cloud infrastructure services. Currently, just four private firms and the Department of Agriculture are certified under FedRAMP, the critical security authorization for cloud providers.

The slow pace of FedRAMP clearances and of cloud adoption in general is disappointing to Rep. Gerry Connolly (D-Va.), an influential voice on government IT issues and co-sponsor of the Federal IT Procurement Reform Act that recently passed in the House of Representatives. Speaking at the event, Connolly noted that agencies were charged under the 25-point plan from former federal CIO Vivek Kundra with identifying three "must move" applications to migrate to the cloud.

"The federal government has failed to report on any of those agencies complying with that requirement," Connolly said.

Connolly was also pessimistic about the possibility of Congress coming up with new ways to appropriate money for IT across programs and accounts, to potentially reduce duplication and redundancy. But he did say that sequestration under the Budget Control Act, which he does not support, could provide some of the fiscal discipline required to get agencies to look to cloud computing services to save money.

Agencies resist cloud computing for a variety of reasons, according to Kyle Keller, cloud business director at EMC Federal. Their culture and purchasing cycles are geared more toward physical infrastructure and less toward services, and they may be getting mixed signals from Congress and the administration on the need to fulfill the cloud requirements in a timely fashion. Agencies that have not taken steps toward cloud adoption "don't know where to start, they don't have a framework, and their legacy infrastructures are very complex and stove-piped," he said. "Some have moved just because they were told to by order, and just picked an application off the tree" to move to the cloud.

Security also remains a concern for agencies. Baitman said his cloud services come with a real-time continuous monitoring feed going into a dashboard that IT specialists at HHS can see. "When we have suspicions of something going awry, we intervene very quickly," he said.

NOAA CIO Joseph Klimavicz said he would prefer real-time audit logs to security dashboards, to keep track of his systems. "Most companies won't provide that," he noted. And Halvorsen noted that he confined Navy's public cloud to information that was already public, so he wasn't as worried about security breaches. "I'm a little less concerned with public facing data getting out to the public," he said.

About the Author

Adam Mazmanian is FCW's senior staff writer, and covers Congress, health IT and governmentwide IT policy. Connect with him on Twitter: @thisismaz.

The 2015 Federal 100

Meet 100 women and men who are doing great things in federal IT.

Featured

  • Shutterstock image (by venimo): e-learning concept image, digital content and online webinar icons.

    Can MOOCs make the grade for federal training?

    Massive open online courses can offer specialized IT instruction on a flexible schedule and on the cheap. That may not always mesh with government's preference for structure and certification, however.

  • Shutterstock image (by edel): graduation cap and diploma.

    Cybersecurity: 6 schools with the right stuff

    The federal government craves more cybersecurity professionals. These six schools are helping meet that demand.

  • Rick Holgate

    Holgate to depart ATF

    Former ACT president will take a job with Gartner, follow his spouse to Vienna, Austria.

  • Are VA techies slacking off on Yammer?

    A new IG report cites security and productivity concerns associated with employees' use of the popular online collaboration tool.

  • Shutterstock image: digital fingerprint, cyber crime.

    Exclusive: The OPM breach details you haven't seen

    An official timeline of the Office of Personnel Management breach obtained by FCW pinpoints the hackers’ calibrated extraction of data, and the government's step-by-step response.

  • Stephen Warren

    Deputy CIO Warren exits VA

    The onetime acting CIO at Veterans Affairs will be taking over CIO duties at the Office of the Comptroller of the Currency.

  • Shutterstock image: monitoring factors of healthcare.

    DOD awards massive health records contract

    Leidos, Accenture and Cerner pull off an unexpected win of the multi-billion-dollar Defense Healthcare Management System Modernization contract, beating out the presumptive health-records leader.

  • Sweating the OPM data breach -- Illustration by Dragutin Cvijanovic

    Sweating the stolen data

    Millions of background-check records were compromised, OPM now says. Here's the jaw-dropping range of personal data that was exposed.

  • FCW magazine

    Let's talk about Alliant 2

    The General Services Administration is going to great lengths to gather feedback on its IT services GWAC. Will it make for a better acquisition vehicle?

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above