Acquisition rules slowing down cloud procurements, federal IT execs say

Aligning federal acquisition rules to facilitate cloud adoption is proving to be difficult and likely will involve changes in acquisition workforce training, according to an expert panel of federal information technology executives.

Aligning acquisition rules to better serve cloud services procurements “is a problem,” said Steve Cooper, acting chief information officer for the Federal Aviation Administration, speaking at the AFCEA Bethesda event on Nov. 16. “We do not have an answer yet.”

Given that agencies are in the early stages of adapting acquisition systems and their workforces to cloud environments, the transition "probably will not happen at lightning speed," Cooper added.

Related story:

Cloud computing opens new questions for procurements

Agencies need more expertise with developing cloud services acquisition vehicles, Service-Level Agreements, cloud security, and cloud alignments with reference architectures, among other features, to become more comfortable with cloud computing and managed service environments, agreed discussion moderator David McClure, associate administrator for the General Services Administration’s Office of Citizen Services and Innovative Technologies.

“We are one step down that path,” McClure said. “It is a huge culture shift. The acquisition process is not designed to work extremely well in a service environment.”

Traditionally, federal agencies have bought IT systems to help carry out their missions, and have employed IT experts to oversee and troubleshoot the systems. Under the Obama administration’s promotion of cloud computing services, many agencies are transitioning to the purchase of infrastructure, email, storage, software and other computing assets as services. Those applications typically exist in a "cloud," -- a shared computing environment, usually hosted by a contractor.

The discussion at AFCEA Bethesda event was focused on how federal agencies can manage the transition to the cloud.

Federal agencies are struggling to develop effective acquisition policies, systems and expertise to help them adopt cloud computing on a broader scale, said panelist Barry Brown, executive director of Enterprise Data Management & Engineering for Customs and Border Protection.

The current acquisition model “is not doing any good for the cloud,” Brown said.

One of the main challenges is in retraining the IT workforce to manage services, rather than hardware and software, Cooper said. As more cloud services are adopted, IT staffers will be charged with overseeing them and their skills will need to include “business and personal relationship services,” he said.

However, Cooper said he expects that developing that expertise could be somewhat problematic among the IT staff. “That is not, historically, how IT folks have gone through their careers,” he said.

IT employees also may need to retrained to expand their skills in customer service, said panelist Rick Holgate, CIO of Bureau of Alcohol, Tobacco and Firearms.

The bureau already has made the transition in part, with more IT staffers serving as project managers and overseeing vendor relationships and service-level agreements, Holgate said.

Managing security also is a major issue for cloud services, Holgate added. “Before, we were dealing with the physical boundary, and with people. Now, there has been an evolution,” with less emphasis on physical security and more on access management and data security, he added.

Brown said applications and tools are proving to be helpful in managing ongoing security in the cloud, including tools for monitoring and alerting, and a HelpDesk dashboard with up-to-date information on the latest trouble requests.

“We want to move away from reacting to problems, to predictive tools,” Brown said.