Four horsemen of fed IT slowing cloud adoption

Four horsemen of fed IT slowing cloud adoption

Federal IT managers hoping to take advantage of the cost and operational efficiencies that cloud technology offers should take a deep breath, make detailed plans and then move ahead despite the regulatory complications of federal IT, cloud experts said.

“The four horsemen of federal IT -- the FAR, FISMA, OMB and FITARA” are obstacles for federal CIOs and IT managers working to implement cloud services in their agencies, according to the Department of Agriculture’s Risk Management Agency CIO Chad Sheridan.

Those four things -- the Federal Acquisition Regulation, the Federal Information Security Management Act, the Office of Management and Budget and the Federal Information Technology Acquisition Reform Act -- aren’t going away, he said in remarks at ATARC’s Feb. 16 Federal Cloud and Data Center Summit.

“The FAR isn’t going to change,” he said. “FISMA basically says ‘cloud bad.’” The Office of Management and Budget scrutinizes how agencies spend their money, and FITARA sets up a “one CIO to rule them all” scenario that demands accountability, he said.

All of those rules create complications in moving to cloud, Sheridan said. “The natural state of government is command and control,” he explained. Rules and regulations are part of the way the federal government works. CIOs and IT managers can’t change that.

Federal IT managers  who face their fear of those four horsemen, Sheridan said, will find them overblown. “We can spend all day complaining why we can’t get cloud,” or, he said, we can find ways to work with those permanent complications.

Implementing cloud, he said, is based “on a belief that your mission matters. Patient action is required,” he said.

The mission is certainly key, Immigration and Customs Enforcement CTO David Larrimore said, and IT has become like electricity to those delivering on the agency’s mission. “People don’t care about cloud. It’s a utility,” he said. “People want to ensure they have enough electricity to do their job. It ties back to mission.”

Larrimore, who has been at ICE for five months, said his agency has taken an incremental approach to implementing cloud, identifying cloud vendors who can centralize and keep track of agency use of the services. ICE is also assessing which operations -- such as email, customer relationship management and HR systems -- might be most amenable to a cloud environment.

Assessing what networks and data centers an agency has and then coming up with a plan is an essential first step in getting past trepidations in implementing cloud, according to Maria Roat, CIO at the Small Business Administration.

Roat took on the SBA CIO job only four months ago but said she has been collecting details on the agency’s data centers and telecommunications networks with an eye to “getting out of the data center business” in favor of cloud services.

Roat said she wants to have a well-delineated roadmap on cloud and data center consolidation by the time she convenes a meeting with her IT teams in early March.

Consolidating, or shutting down data centers, knowing what you own and where it is, she said, also are integral milestones on the road to cloud.

About the Author

Mark Rockwell is a senior staff writer at FCW, whose beat focuses on acquisition, the Department of Homeland Security and the Department of Energy.

Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, tele.com magazine and Wireless Week.

Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.

Click here for previous articles by Rockwell. Contact him at mrockwell@fcw.com or follow him on Twitter at @MRockwell4.


inside gcn

  • artificial intelligence (ktsdesign/Shutterstock.com)

    Machine learning with limited data

Reader Comments

Fri, Feb 24, 2017 DrK

As an expert in cyber/information security who has performed security reviews of over 100 cloud service and technology providers I believe that it is prudent to slow down and make sure the a) cloud is appropriate for the need, and b) that the cloud provider can show experience and capability to provide the services and technology with necessary security and availability needed. I have found so many who do not. The cloud services or infrastructure sold do not necessarily correspond with what is actually delivered.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group