Critical Read

Study details challenges in government cloud contracting

IBM Center for the Business of Government cloud report cover

What: An IBM Center for the Business of Government study released Nov. 18 titled "Cloudy with a Chance of Success: Contracting for the Cloud in Government," by Shannon Howle Tufts and Meredith Leigh Weiss of the University of North Carolina at Chapel Hill.

Why: The report explains 12 major issues that should be addressed in all cloud computing contracts based on detailed analysis of five public-sector contracts for cloud services. Issues discussed range from traditional mainstays such as pricing to newer issues, including data ownership, access to data, confidentiality, network security, privacy, disposition of data, data or security breaches, and data storage location.

Cloud contracts are growing in popularity in the public sector because they often offer increased capabilities and efficiencies and -- potentially -- lower costs. However, this study also highlights risks and challenges involved in implementing cloud contracts. The report culminates in a series of recommendations regarding each case study and a list of best practices in negotiating cloud computing contracts.

Verbatim: Best practices in cloud computing:

  • Best Practice One: Government managers should not simply sign vendor-supplied master agreements, service-level agreements, acceptable-use policies, and/or contract terms.
  • Best Practice Two: Government managers should carefully review, negotiate, and modify the terms and conditions of the contract to meet the subscribing organization's needs and legal requirements.
  • Best Practice Three: Government agencies should employ a collaborative contract negotiation team consisting of experienced information technology, legal, procurement, and business professionals.
  • Best Practice Four: Government managers should identify which contract provisions are must-haves versus nice-to-haves.
  • Best Practice Five: Government managers must be willing to seek alternative providers or solutions in the event that the government's contract terms cannot or will not be met.
  • Best Practice Six: Government agencies should improve legal education for IT professionals, and hire legal professionals with technical expertise. There are a myriad of issues to consider and discuss with legal counsel prior to and during cloud services negotiations. Johndavid Kerr and Kwok Teng sum it up succinctly by saying that "each organization must conduct a thorough and diligent risk assessment of the potential threats of low to high risk inherent in cloud computing environments, and must ensure that all management and operational strategies and initiatives incorporate an optimal mix of cost-efficient processes, policies, and controls to mitigate against these risks. Each entity must determine which issues are of greatest concern and react accordingly in the hopes of minimizing the potential negative impact of a problem."

Full report: businessofgovernment.org.

About the Author

Frank Konkel is a former staff writer for FCW.

The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.

Featured

  • computer network

    How Einstein changes the way government does business

    The Department of Commerce is revising its confidentiality agreement for statistical data survey respondents to reflect the fact that the Department of Homeland Security could see some of that data if it is captured by the Einstein system.

  • Defense Secretary Jim Mattis. Army photo by Monica King. Jan. 26, 2017.

    Mattis mulls consolidation in IT, cyber

    In a Feb. 17 memo, Defense Secretary Jim Mattis told senior leadership to establish teams to look for duplication across the armed services in business operations, including in IT and cybersecurity.

  • Image from Shutterstock.com

    DHS vague on rules for election aid, say states

    State election officials had more questions than answers after a Department of Homeland Security presentation on the designation of election systems as critical U.S. infrastructure.

  • Org Chart Stock Art - Shutterstock

    How the hiring freeze targets millennials

    The government desperately needs younger talent to replace an aging workforce, and experts say that a freeze on hiring doesn't help.

  • Shutterstock image: healthcare digital interface.

    VA moves ahead with homegrown scheduling IT

    The Department of Veterans Affairs will test an internally developed scheduling module at primary care sites nationwide to see if it's ready to service the entire agency.

  • Shutterstock images (honglouwawa & 0beron): Bitcoin image overlay replaced with a dollar sign on a hardware circuit.

    MGT Act poised for a comeback

    After missing in the last Congress, drafters of a bill to encourage cloud adoption are looking for a new plan.

Reader comments

Tue, Nov 19, 2013 OccupyIT

I love this thinking. We'd like to tap into the economies of scale of the commercial sector commodity IT or COTS but then we want to customize every aspect of it and layer it with additional requirements we made up (i.e., aren't required by equivalent commercial buyers) and don't expect to be treated or charged as if we are buying a custom product. Seriously? And you wonder why we're charged prices higher than commercial? I"m guessing these folks received free lunches at school, right?

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group