The cloud is not a fad, says OMB's Scott Renda. "It is definitely here to stay, and it’s only going to get bigger."
The cloud is not a fad, and the government’s commitment to cloud computing is not a fleeting thing. In fact, as the bedrock technology for the new era of IT, “it's definitely here to stay, and it's only going to get bigger,” said OMB's Scott Renda.
Government is at the very beginning of the third major shift in computing paradigms with the cloud, following the ages of mainframe and client-server computing, said Renda, the Office of Management and Budget's cloud computing and federal data center consolidation portfolio manager. Renda spoke at the annual FOSE conference in Washington D.C., presented by 1105 Media, parent company of GCN.
The global market for cloud services is estimated to be $158 billion this year, growing to $244 billion by 2017. However, federal government spending on the cloud is currently only a small percentage of this, Renda said, with around $3 billion of its annual $80 billion IT budget spent on cloud services.
Government drivers for cloud computing include data center consolidation, mobile applications, social networking and big data. But the primary driver for most agencies, Renda said, is the administration’s Cloud First policy, established in 2010, which makes the cloud the default choice for new IT projects if there is a secure offering available.
The security challenge is being met in part by the FedRAMP program, which certifies that cloud service providers meet a baseline set of security controls included in the Federal Information Security Management Act (FISMA).
“FedRAMP does not replace FISMA,” Renda said. But by ensuring that a set of basic controls are in place, it streamlines the process of evaluating system security before the system receives an authorization to operate.
Despite the government’s commitment to the cloud, “it is not a panacea,” Renda said. “The cloud is a means to an end,” and mission must drive the choice of services.
To date, 75 percent of government cloud spending has been on private clouds and about 20 percent on public clouds, which come under the FedRAMP certification program. The remaining 5 percent is on hybrid clouds. But, “hybrid clouds appear to be getting more steam,” Renda said.
The government’s move to the cloud will not take place overnight, said Jeff Lush, former Veterans Administration chief technology officer and now CTO of Dell federal government services. But the shift is appropriate for many kinds of government services, and agencies have an opportunity to use it to improve IT security.
For most legacy IT systems, security took a back seat during development and has never caught up, making government cybersecurity a high-risk area since before the turn of the century, according to the Government Accountability Office. Cloud First gives agencies a chance “to hit the reset button,” Lush said, adopting services and platforms in which security has been built in from the beginning and certified as meeting minimum government requirements.