I was happy to see so many of you at the 2011 Interagency Resources Management Conference (IRMCO), GSA’s preeminent forum for promoting innovation, transparency, and collaboration among government and industry leaders. The conference was a unique opportunity to put our heads together on the key initiatives that will transform government management.
I was fortunate to sit on a great panel with Karen Lee, from the Office of Management and Budget’s (OMB) Open Government for Federal Spending Transparency Initiative and Patrice McDermott, Director of OpenTheGovernment.org. We had a great discussion on how open government can drive improved government performance.
I’m a big fan of open government and increased communication, particularly as it relates to better, smarter government acquisitions. This issue is really driven home by the Office of Federal Procurement Policy’s recent must-read “myth-busting” memo, which basically debunks some of our overly cautious interactions with industry.
In the same spirit of myth-busting and improved government performance, I’d like to debunk some cloud computing myths. OMB has taken an aggressive stance on cloud. We’re all on the hook to move three systems to the cloud by 2012. I’m here to tell you that it can be done intelligently and securely.
Myth #1: Cloud can be anything
With any great innovation comes the temptation to repackage the old as new. You almost can’t open a government or tech trade publication today without seeing the word cloud. But not all cloud offerings are created equal: they must adhere to five essential characteristics. For a brief but thorough explanation, check out the very cool GSA Federal Cloud Computing Initiative video on YouTube.
Myth #2: Public clouds are not secure, and agencies can’t control security requirements
Public clouds are not inherently secure, but, with a little guidance, agencies can put in controls to achieve an acceptable level of security based on the confidentiality, integrity, and availability of the data.
First of all, off-the-shelf security terms are negotiable. Open communication with industry can help agencies define their unique requirements as well as a little help from the cloud experts at GSA.
Second, keeping information systems secure takes constant work. In some cases, cloud service providers may be in a better position to make necessary changes to control risk than if we operated every system ourselves.
Third, agencies can choose what to push to the cloud. Not all systems and data have the same security requirements; not everything is appropriate for cloud. By carefully moving appropriate components to cloud, both cloud-based systems and premise-based systems can become more secure.
Myth #3: Agencies will lose control of their data
Agencies can enforce strict Service Level Agreements (SLAs) for the handling of their data and should build into their requirements a prohibition against data-mining and monetizing.
Myth #4: Moving to the cloud is difficult
Difficult and easy are relative terms. If an agency is facing a technology transition that requires a large capital investment, say in hardware, then making that technology transition may be easier and faster in the cloud. However, every time you move data or applications, there is risk—regardless of whether you move the data or applications to the cloud or different platforms in your own data center.
Good practice in technology generally dictates that systems, applications, or data be moved in pilots or phases. Moving to the cloud is no different. Agencies can move component by component, on a timeline that makes sense for them.
Whatever an agency decides with cloud, GSA can make the acquisition process easier.
GSA is developing cloud-specific blanket purchase agreements that will soon be available to customers for Infrastructure-as-a-Service (IaaS) and Email-as-a-Service (EaaS)—based on what we’ve learned from our own cloud-based email procurement and proactive discussions with industry. These vehicles will make it easier for our customers to compare services and acquire what they need from the cloud. See “The Cloud: Battle of the Tech Titans” in Business Week, which explains how cloud is being used today.
To meet immediate needs, we already have existing contracts in place—Alliant and Alliant SB GWACs, and IT Schedule 70—that offer cloud services.
Customers are using all of these acquisitions today to buy cloud-based solution, and they can do those acquisitions quickly.
FACT: Cloud Computing Enables Good Government
We’ve all received our cloud marching orders, but OMB mandates are not the only reason to move forward. Cloud computing is a step forward in addressing the really big challenges we face: budget and deficit crises, increasing greenhouse gas emissions, and a population in need of critical government services.
Cloud computing will enable a more efficient, sustainable and effective government for the American people.
GSA can help. Come talk to me. Together we can transform government.