Modernization

Cloud adoption slowed by culture, even with FedRAMP

Image from Shutterstock. 

The federal government maintains a "cloud first" policy, but is that statement backed up by what an agency can do as a practical matter?

"You can't say 'cloud first' with no way to procure it," Tony Summerlin, special advisor to the CIO of the Federal Communications Commission.

Speaking at the ImmixGroup Government Sales Summit, Summerlin complained that the right procurement vehicles aren't available for agency tech buyers.

"Buying software-as-a-service through GSA is painful," he said. "GSA doesn't know how to do it."

The ability to buy secure, effective cloud technology quickly is a key to moving federal agencies over to cloud platforms, he said. "Discipline and speed are key. You have to move rapidly or the goblins will eat you."

What's not so quick, Summerlin suggested, was the relatively slow approval process for the GSA-led Federal Risk and Authorization Management Program. Even with recent improvements, it can still take months to achieve provisional security authorizations via FedRAMP.

Claudio Belloli, FedRAMP's program manager for cybersecurity at GSA's Technology Transformation Service, said the approval process has been overhauled and streamlined to produce faster results and pointed to encouraging results in 2016.

In a conversation with FCW after the presentation, Belloli pointed to FedRAMP's increasing numbers of cloud providers and Authorities to Operate, as well as 2017 goals to grant provisional ATOs in an average of under six months.

Belloli pointed to a Nov. 7 blog post by Matt Goodrich that includes plans for "FedRAMP Tailored" -- an effort to speed authorizations for certain software-as-a-service offerings instead of demanding a "one size fits all" approach.

Belloli also said GSA would review how to make the continuous monitoring component of the risk management process more effective in 2017.

Even with improved authorization processes and speedier approvals, however, both Summerlin and the Securities and Exchange Commission's Mike Fairless said cloud adoption depends largely on agency culture.

"We realized we lived in a siloed world" when it came to IT, said Fairless, who is the SEC's branch chief for servers and storage and has worked to get his agency to accept cloud operations. Most agencies, he said, tend to want technological innovators, but then as legal and jurisdictional interests arises, those innovators can be tossed aside.

The FCC, said Summerlin, was similarly fragmented. "We had 1,800 databases and 1,700 employees," he said. "We had 87 licensing systems" that broadcasters had to navigate to get their operating and ownership licenses.

The best way get around such obstacles, according to Summerlin, is to get experts to "live in the environment" and learn the nitty gritty details of what needs to be done.

"You have to bring in someone who is bulletproof" technologically, he said. "You have to become part of the environment. None of that parachuting in crap."

About the Author

Mark Rockwell is a staff writer at FCW.

Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, tele.com magazine and Wireless Week.

Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.

Click here for previous articles by Rockwell. Contact him at mrockwell@fcw.com or follow him on Twitter at @MRockwell4.


The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.

Featured

  • computer network

    How Einstein changes the way government does business

    The Department of Commerce is revising its confidentiality agreement for statistical data survey respondents to reflect the fact that the Department of Homeland Security could see some of that data if it is captured by the Einstein system.

  • Defense Secretary Jim Mattis. Army photo by Monica King. Jan. 26, 2017.

    Mattis mulls consolidation in IT, cyber

    In a Feb. 17 memo, Defense Secretary Jim Mattis told senior leadership to establish teams to look for duplication across the armed services in business operations, including in IT and cybersecurity.

  • Image from Shutterstock.com

    DHS vague on rules for election aid, say states

    State election officials had more questions than answers after a Department of Homeland Security presentation on the designation of election systems as critical U.S. infrastructure.

  • Org Chart Stock Art - Shutterstock

    How the hiring freeze targets millennials

    The government desperately needs younger talent to replace an aging workforce, and experts say that a freeze on hiring doesn't help.

  • Shutterstock image: healthcare digital interface.

    VA moves ahead with homegrown scheduling IT

    The Department of Veterans Affairs will test an internally developed scheduling module at primary care sites nationwide to see if it's ready to service the entire agency.

  • Shutterstock images (honglouwawa & 0beron): Bitcoin image overlay replaced with a dollar sign on a hardware circuit.

    MGT Act poised for a comeback

    After missing in the last Congress, drafters of a bill to encourage cloud adoption are looking for a new plan.

Reader comments

Mon, Nov 21, 2016 career evolve Springfield

Is the slow down due to the real lack of trust between Cloud Providers and the Government agencies? A tailored model is much needed and the approval process must be expedited. It will be interesting to see how this manual intervention in the buying process may actually further private cloud attempts even though it is not the primary desired selection.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group