5 ways to prep for procuring cloud services

Government acquisition personnel must often perform a balancing act to achieve the cost and efficiency benefits promised by cloud providers. On the one hand, they need to contract for solutions that share a common set of hardware and software resources to benefit from money-saving economies of scale. Unfortunately, one-size-fits-all solutions aren’t always appropriate, especially when missions and support requirements differ so widely across the government.

Joint Cloud Report:

Is government procurement ready for the cloud?

Cloud procurement stumbling blocks

Agency officials and consultants say some core definitions and tools could speed contract negotiations and bridge the sometimes conflicting needs of agencies and cloud providers. Here is a list of techniques that could help speed government’s move to the cloud.

1. Security accreditation

Security fears rank among the top obstacles to cloud migrations. Fortunately, procurement officers could have an important tool to address those issues this year — the Federal Risk and Authorization Management Program (FedRAMP). It will create a security baseline that any agency can use to ensure that cloud contracts meet a standard level of protection. Combined with security guidelines from the National Institute of Standards and Technology, FedRAMP promises to simplify and speed the acquisition process.

2. Service-level agreements

The FedRAMP model for an accredited baseline of requirements could be useful in other areas, including the creation of service-level agreements. Agencies and cloud providers often struggle to balance conflicting requirements when it comes to SLAs, said William Corrington, former chief technology officer at the Interior Department and now the cloud strategy lead at Stony Point Enterprises.

For example, the Office of Management and Budget or the General Services Administration might specify that all cloud-based e-mail solutions achieve a minimum uptime rating of 99.95 percent, which would relieve agencies and vendors from hashing out those terms for each contract and thereby speed negotiations.

“Government lawyers would have some confidence that contract language is coming down from OMB or GSA, and cloud vendors would understand what the government is expecting for terms and conditions,” Corrington said.

3. Standardized service definitions

A similar framework for predetermined terms and conditions would benefit common cloud services, such as e-mail solutions or IT infrastructure services. “There are a lot of variables, but if you lock everyone down into a set of services that are utilitarian, then many challenges go away and agencies can compare pricing apples to apples,” said Michael Sorenson, director of cloud services at QinetiQ North America.

The framework would differ from traditional governmentwide acquisition contracts and blanket purchase agreements (BPAs) by establishing standard service definitions all vendors in a particular cloud category would use. Cloud providers might be willing to embrace standardized definitions as a way to discourage agencies from negotiating special terms for commodity solutions.

“Even when the new BPA for [GSA’s proposed e-mail-as-a-service agreement] comes out, I still think agencies will look at terms of service and want to negotiate them,” said Peter Gallagher, a partner in the Civilian Federal Systems group at Unisys. “If you are a [software-as-a-service] provider, it is difficult to negotiate different terms of service in a multi-tenant environment.”

To accommodate varying needs, the government could create standardized terms for tiers of service, such as gold, silver and bronze levels with different performance characteristics, Gallagher added.

4. Clear rules for data management

Today, agencies must negotiate to insert clauses into cloud contracts that specify how their information is maintained and protected by cloud providers. For example, officials at Customs and Border Protection are concerned about having exit strategy options for their data if they decide to switch cloud providers.

“I want that language in the contract going in," said Wolf Tombe, the agency's chief technology officer. "I don’t want that to be an afterthought.”

Another issue is the physical location of the storage systems that house government data. Some security rules call for sensitive data to remain in the United States or in select overseas countries. But that can be hard to nail down, as GSA learned when two contractors successfully challenged its original e-mail-as-a-service request for quotations, which restricted data services to certain specified locations.

5. New skill sets for procurement employees

Some acquisition officers might need training to help them negotiate and manage cloud contracts. “Agencies don’t necessarily need to hire legions of new people, but they should make sure their acquisition workforce understands the difference in service acquisitions and why they’re different from products,” said Larry Allen, president of Allen Federal Business Partners.

Key skills for a cloud-rich environment include project and vendor management. The IT Acquisition Advisory Council, among others, is working with the government to promote new acquisition methodologies that are better suited to the cloud, Tombe said.

About the Author

Alan Joch is a freelance writer based in New Hampshire.

FCW in Print

In the latest issue: Looking back on three decades of big stories in federal IT.


  • Shutterstock image: looking for code.

    How DOD embraced bug bounties -- and how your agency can, too

    Hack the Pentagon proved to Defense Department officials that outside hackers can be assets, not adversaries.

  • Shutterstock image: cyber defense.

    Why PPD-41 is evolutionary, not revolutionary

    Government cybersecurity officials say the presidential policy directive codifies cyber incident response protocols but doesn't radically change what's been in practice in recent years.

  • Anne Rung -- Commerce Department Photo

    Exit interview with Anne Rung

    The government's departing top acquisition official said she leaves behind a solid foundation on which to build more effective and efficient federal IT.

  • Charles Phalen

    Administration appoints first head of NBIB

    The National Background Investigations Bureau announced the appointment of its first director as the agency prepares to take over processing government background checks.

  • Sen. James Lankford (R-Okla.)

    Senator: Rigid hiring process pushes millennials from federal work

    Sen. James Lankford (R-Okla.) said agencies are missing out on younger workers because of the government's rigidity, particularly its protracted hiring process.

  • FCW @ 30 GPS

    FCW @ 30

    Since 1987, FCW has covered it all -- the major contracts, the disruptive technologies, the picayune scandals and the many, many people who make federal IT function. Here's a look back at six of the most significant stories.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group