Cloud brokers, the sequel

Shutterstock image (by Lightspring): businessman hanging from a cloud concept image.

(Image: Lightspring / Shutterstock)

Agency managers began grappling with the cloud brokerage concept in 2011. At the time, the idea was that brokers would serve as intermediaries between cloud service providers, such as Amazon Web Services, and government customers. Brokers would handle the details of negotiating contracts with vendors and acquire services on an agency’s behalf.

Four years later, notions about what constitutes a cloud broker and what role it should play in the government market have changed considerably. That’s hardly surprising given the fast-paced development of cloud technology. Some services have matured to the point of commoditization — for example, file sync-and-share services such as Dropbox — while other cloud deployments have grown in sophistication. Similarly, workloads entrusted to the cloud have evolved from low-risk, public-facing websites to business-critical applications.

Those changing market forces have encouraged government and industry executives to rethink and redefine cloud brokerages. Although the broker as contracting agent hasn’t entirely disappeared, other services are becoming more prominent. In some cases, brokers are starting to resemble the systems integrators of the 1990s as they pull together comprehensive solutions for customers. In other situations, brokers are taking on a consulting role and serving as trusted cloud advisers for their government clients.

Roopangi Kadakia, Web services executive at NASA, said brokers can serve a valuable role by helping agencies evaluate service providers and determine which platform will suit a given project. “The broker needs to have the ability to find the best services,” she said.

Why it matters

Federal agencies have made some headway in cloud adoption since the Office of Management and Budget launched its “cloud first” policy in 2010. The Government Accountability Office recently reviewed seven agencies and found that the number of cloud services they deployed grew from 21 in 2012 to 101 in 2014.

The agencies — Agriculture Department, General Services Administration, Department of Health and Human Services, Department of Homeland Security, Small Business Administration, State Department and Treasury Department — budgeted a collective $529 million for cloud services in fiscal 2014, a 72 percent increase over fiscal 2012 spending levels, according to a September 2014 GAO report.

But the cloud accounts for a tiny slice of the government’s overall IT spending. The agencies GAO studied allotted 2 percent of their IT budgets for cloud services. Although those budgets are growing, auditors noted that “agencies are still devoting a large portion of their IT budgets to non-cloud computing expenditures.”

So what’s hindering wider adoption? According to GAO, agencies have yet to assess the majority of their IT investments for their suitability as cloud migration candidates. A lack of cloud-savvy employees represents another barrier.

“Migrating legacy systems to cloud computing services requires knowledgeable acquisition staff and appropriate processes,” GAO’s report states, adding that HHS officials said they had the ability to purchase cloud services but “found post-award management to be a challenge.”

Cloud brokers say they can address such obstacles. For instance, they can help agencies sort through their IT assets with an eye toward the cloud, said Mike O’Brien, director of the Cloud Solutions Group at Aquilent. Companies like his can “help the customer determine which workloads are ideally suited for which cloud environments,” he added.

Brokers can also assist agencies as their cloud deployments become more complicated and even span multiple cloud solutions.

“We have seen a lot of customers that have part of an application sitting in a public cloud and part in an on-premise environment and another part in a different cloud because of security and compliance reasons,” O’Brien said.

The fundamentals

When the government began investigating the potential of cloud brokers four years ago, it needed to come up with a definition. The National Institute of Standards and Technology made its first attempt in the 2011 Cloud Computing Reference Architecture, which describes a cloud broker as an organization that “manages the use, performance and delivery of cloud services, and negotiates relationships between cloud providers and cloud consumers.”

In 2012, GSA issued a request for information to explore the broker model. The Defense Department went a step further that same year: Then-CIO Teresa Takai issued a memo designating the Defense Information Systems Agency as the DOD Enterprise Cloud Service Broker and directing all DOD components to “acquire cloud services by using the broker.”

In the ensuring years, cloud developments have compelled the government to re-evaluate the broker’s purpose. NIST is in the process of refining its broker definition. Bob Bohn, NIST’s cloud computing technical program manager, said the draft update identifies two types of cloud brokers: business and technical.

A business broker focuses on support functions such as contractual intermediation and billing. The service does not have any contact with the customer’s data or operations in the cloud, and the broker never touches a machine.

“All [the business broker has] to do is manage the relationship,” Bohn said.

The technical broker, in contrast, gets hands-on with the customer’s IT assets. Such brokers aggregate services provided by multiple cloud vendors and address any issues associated with the movement of data and applications among the services.

“I think there is going to be a big role for the technical cloud broker,” Bohn said. “They are dealing with lots of different providers in the background. Since they are doing that, they have to work at solving interoperability and portability issues.”

Depending on a customer’s requirements, an organization could serve as a technical broker, a business broker or both.

NIST’s two-part definition underscores the divergence between the administrative go-between in the earlier vision and the broadening role of the broker. NASA is working through this transition with its cloud broker, InfoZen.

Last year, the company helped NASA migrate websites and applications to the cloud. Kadakia said InfoZen has been providing acquisition support and working with cloud service providers on the agency’s behalf. But NASA plans to migrate cloud management duties to its Computer Services Service Office, which will purchase services directly from providers such as Amazon Web Services, Microsoft Azure and Google. The office will negotiate and hold master contracts, and serve as a resource for the entire agency.

Kadakia said that approach will help the agency maintain consistency in how it manages cloud service providers. As a result, the broker will get out of the acquisition business and become more of an adviser.

She said one of the biggest advantages of using a broker is the ability to thoroughly analyze a particular cloud service. Many people might want to go directly to a cloud provider to buy a file sync-and-share service, for example, but in doing so, they don’t receive the benefit of having the broker study the requirements and assess different cloud options, she added.

“The cloud broker would want to do that analysis and look at the alternatives and provide some options on what the best solution is,” Kadakia said.

Raj Ananthanpillai, CEO and president of InfoZen, said his company still handles cloud procurement for some customers, but that service is largely commoditized these days. Instead, the company focuses on helping customers identify requirements and securely migrate complex systems to the cloud.

Mark Pietrasanta, chief technology officer at Aquilent, agreed that customers are looking for a more highly specialized set of services from cloud brokers. “Buying cloud isn’t the hard problem at this point,” he added. “It is very commoditized.”


Next steps

1. Expanded definitions. The National Institute of Standards and Technology plans to revisit how it defines brokers and the other players in the cloud field: providers, carriers and auditors. More developments could emerge later this year.

2. More contracts. The General Services Administration awarded a $64.5 million contract to Booz Allen Hamilton in October 2014 to develop a cloud service broker solution for GSA’s Integrated Award Environment Office. And in November, GSA awarded a $100 million blanket purchase agreement under which Aquilent will provide cloud services from providers including Amazon Web Services.

3. Continued growth. Despite a few hurdles, the broker segment appears poised for expansion. MarketsandMarkets predicts that the global cloud services brokerage market will grow from $1.57 billion in 2013 to $10.5 billion in 2018.

The hurdles

Cloud brokers face a couple of obstacles that could hinder adoption, including the lack of a definitive, widely accepted definition of what a cloud broker does.

“‘Cloud broker’ means different things to different people,” Pietrasanta said.

The types of companies offering brokerage services might also contribute to the ambiguity. For instance, some cloud service providers say they can also play the broker role and will consider other service providers — not just themselves — when sizing up a customer’s needs.

Given that potential conflict of interest, “I don’t think a cloud services provider can be the independent broker,” Kadakia said.

Another challenge is a maturing market that could reduce the need for a broker as cloud services become even easier to buy. The Pentagon is taking that route with its recently revised cloud policy. In December 2014, DOD CIO Terry Halvorsen issued a memo permitting DOD components to “acquire cloud services directly.”

In addition, the Federal Risk and Authorization Management Program eliminates some of the security vetting that a broker might otherwise conduct. However, industry executives said brokers still have room to evaluate cloud security beyond the measures certified under FedRAMP.

What’s more, FedRAMP won’t help customers understand why they should select one provider over another when it comes to factors such as performance, bandwidth and platform expertise, said Shawn McCarthy, a research director at IDC Government Insights. Among other things, brokers can make recommendations based on differences in the size of workloads providers are capable of supporting.


  • Acquisition
    Shutterstock ID 169474442 By Maxx-Studio

    The growing importance of GWACs

    One of the government's most popular methods for buying emerging technologies and critical IT services faces significant challenges in an ever-changing marketplace

  • Workforce
    Shutterstock image 1658927440 By Deliris masks in office coronavirus covid19

    White House orders federal contractors vaccinated by Dec. 8

    New COVID-19 guidance directs federal contractors and subcontractors to make sure their employees are vaccinated — the latest in a series of new vaccine requirements the White House has been rolling out in recent weeks.

Stay Connected