9 lessons from federal IT reform
The federal government should start seeing savings of $100 million a year starting in 2013 as result of some agency cloud migrations resulting from the Office of Management and Budget’s 25-point Plan for IT reform, said Scott Renda, portfolio manager for cloud computing with OMB.
June 11 is the 18-month deadline by which agencies were to each move three applications to cloud services and, although OMB will release detailed information on IT reform next week, Renda said about 80 percent of the services are complete.
Renda spoke June 6 at a panel discussion at the National Institute of Standards and Technology’s Cloud Computing Forum and Workshop V at the Commerce Department, giving an overview of IT reform and offering nine lessons learned so far from agencies’ migrations to the cloud.
Group offers 5 steps to federal IT reform
FedRAMP aims to authorize 3 cloud providers by year's end
The 25-point plan calls for for agencies to move three services each — about 80 services overall — to the cloud over an 18-month period. OMB announced in December 2011 that each agency had hit the one-year target, migrating one service to the cloud, he said.
The services completed so far are evenly split between public and private clouds, with a smattering of hybrid and community clouds, Renda said. Software-as-a-service cloud delivery models lead the way, followed closely by deployments of infrastructure and platform as a service.
It is important to note that the IT reform plan’s Cloud First policy does not represent the sum total of what government is doing with cloud computing, Renda said. Cloud First was meant to jump-start agencies’ move to the cloud.
Eighteen months after the plan was released, agencies are not asking whether they can do cloud but when and how can they move to the cloud, he said. Agencies are releasing more cloud-related requests for information or proposals. Plus, the number and complexity of cloud installations are growing. Agencies are looking to move collaboration, human resources and identity management systems, as well as infrastructure, to the cloud, Renda said.
For example, Treasury’s Bureau of Engraving and Printing is looking to save $20 million by putting business process solutions in the cloud to improve acquisition, financial, manufacturing and supply chain management.
The General Services Administration is known for moving its e-mail to the cloud, but it has also made strides in sustainability, Renda said. GSA moved its power management solutions to the cloud, including all 17,000 workstations and servers. The agency manages power settings through the cloud-based solution achieving one-time savings of $200,000, but more important, GSA reduced its carbon footprint by 4.8 million carbon pounds per year, he said.
So cloud can save money, but it can also make agencies more energy efficient, help with sustainability and reduce waste, which are all ancillary benefits, he said.
Renda gave some insights about lessons learned from agency migration to the cloud:
- It is unlikely everything government has will move to cloud. “What we asked agencies to do is to focus on business needs,” he said. Agencies should think about how they are spending taxpayers’ dollars to solve a problem. How that problem will be solved should dictate what type of cloud they need. That means they will probably have to use multiple types of clouds, a combination of public, private, hybrid and community.
- There is a need to think of acquisition process in buying cloud services. The CIO Council also published a white paper, “Creating Effective Cloud Computing Contracts for the Federal Government,” that identifies at least 10 areas that should be addressed with regard to cloud contracts, including service-level agreements, the Freedom of Information Act, privacy, and records management. There is a mechanism on CIO.gov where people can give feedback, Renda said, encouraging industry comment to help improve the paper.
- When moving to the cloud, agencies should understand what they are getting for the price. They must understand what cloud service providers can and cannot do.
- Agencies need to think about the total cost of ownership, not just the cost of buying a new platform. There are other costs such as migration and training associated with cloud.
- Agencies can’t outsource risk to a cloud service provider. “We talk about the nature of risk assessment and security; that is why the Federal Risk Authorization and Management Program is so important,” Renda said.
- Agencies should think about how commoditization affects their business. When something is a commodity, it becomes ubiquitous. It also means that you can’t always have nice-to-have things; sometimes it means only having the must-have services.
- Portability and interoperability become more important in the cloud. If agencies need to switch vendors, there has to be a plan for getting government data back and have it interoperate with different vendors.
- There is always room for more enhanced communications between government and industry. Government has different deeds than the average consumer since laws dictate how agencies deal with privacy and records management.
- The government needs help to improve understanding of cloud deployment and development cycles from agencies and industry. If an agency is using agile or cloud cycles, the government needs better insight into how that is different than on-premise solutions, Renda said.