Cloud-bound agencies must do their homework on security, accountability
Cloud computing may be catching on in government, but many organizations are still contemplating their first steps. And they face a range of challenges in getting started, a panel of experts said during the AFCEA Belvoir Industry Days conference at the National Harbor, Md., March 19.
Ashok Nare, chief consultant at Octo Consulting said the barriers include security concerns, an unwillingness for agencies to give up control, sorting through pricing/consumption models and establishing accountability. Organizations must think about how they design, fund, manage and deliver cloud computing solutions, he said.
A “maturity chasm” affects how organizations approach cloud computing, Nare said. Agencies that have firm plans for cloud migrations are more prepared for the transition than those that don’t, he said.
Are IT managers pushing back on OMB's cloud-first policy?
5 ways to benefit from NIST’s cloud roadmap now
Many organizations hit the “low hanging fruit” when they transition to cloud-based models, said Jad El-Zein, staff CIM architect at VMware. At this level, agencies find that 20 to 30 percent of their applications are now easier to manage.
The next step in this process is to move to a more virtual presence with 60 percent or more of an organization’s computing applications done virtually. Many organizations have transitioned to this stage and are looking for the next level, he said.
After extensive virtualization, the next step is IT-as-a-service, El-Zein said. He said the move to the cloud does not have to be expensive and that cloud-based operations reduce labor costs and organizational agility through automation.
Federal agencies face changing priorities as they move to the cloud. Some organizations need the flexibility to make decisions in real time, said Robert Kondilas, a cloud strategist with CSC. People and organizations tend to want more data when they’re given access to large amounts of information, he added.
But the government must avoid the possibility of duplicating cloud-based risk management efforts, Kondilas said. Other challenges include agency IT policies that are incompatible with other federal organizations and acquisition delays due to lengthy compliance processes. A final concern is for inconsistent application of federal security requirements, he said.
Federal agencies can also use cloud computing to push services to citizens, said Melvin Greer, senior fellow and chief strategist for cloud computing at Lockheed Martin. These cloud 2.0 services can be used to drive innovation in an organization, he said.
One example of this is a recent project between the Federal Emergency Management Agency, the Health and Human Services Department and the City of New Orleans to promote residents to develop their own emergency plans in the event of a hurricane or other disaster.
The participating organizations used the Challenge.gov site to develop applications linking to YouTube or Facebook that allow people to alert and notify friends and relatives in the event of an emergency, Greer said.
The program opened up the submission process for the applications and received hundreds of apps in a 12-week period. These cloud 2.0 apps will now be pushed out to the citizens of New Orleans, he said.