In the five years since the federal government launched its “Cloud First” strategy, the two dozen departments and agencies participating in the Federal Data Center Consolidation Initiative have made progress on data center closures—but not to the extent expected.
The tide may be turning, though: While the initiativewide goal for agencies to close 40 percent of all noncore data centers by fiscal year 2015 wasn’t met, agencies are on track to exceed the goal by the end of fiscal year 2016, according to the Government Accounting Office.
“Agencies have made progress, but not as much as senior IT leadership in the government would like to see,” says Ted Hengst, a consulting principal at Accelerate IT Advisors, a technology-focused consulting services firm that assists privately held companies and investment groups in North America.
Hengst notes, however, that increased emphasis from government leadership to continue the migration will accelerate the cloud transition over the next one to three years. Technology has changed a lot over the past few years, he says, and the federal CIO is seeking comments on how to speed up the process established by the initial Cloud First mandate.
Change is afoot at the Federal Risk and Authorization Management Program (FedRAMP), which provides a standardized approach to security assessment, authorization and continuous monitoring for cloud products and services, to enable cloud service providers and agencies to achieve its authorizations faster. Joel Lipkin, COO, Four Points Technology, a solution provider that specializes in delivering technical solutions for government initiatives, has seen significant progress in FedRAMP approvals over the past 18 months. “It’s become a much more well-understood and structured methodology for doing things securely in the cloud,” he says.
That’s just one of a few recent developments that Four Points believes has led to a big pickup for its government customers’ efforts around public cloud procurement, adoption, prototyping and test environments going live, as well as for the efforts they are making to create “serious governance and operational processes around moving enterprise applications into the cloud,” Lipkin says.
It’s pretty clear now that the economics of the cloud are undeniable for variable workloads. “The savings are tremendous,” Lipkin says. So, too, is the cloud’s value for letting agencies quickly spin up development environments, enabling them to get a jump on mission-critical work in hours or days versus the months it could take them to secure hardware resources
in a traditional data center, and for providing them with more direct control over allocating and reallocating those resources.
Another plus is that customers are learning that resellers and solution providers like Four Points can provide them with tools that let them directly connect from their data centers to the cloud, eliminating public Internet interactions. “That takes some concerns out of the equation,” he says.
The Cloud’s Impact Grows
Servicing civilian agencies that want to move live workloads into public clouds such as Amazon Web Services (AWS), Lipkin notes, has become a major part of the company’s business. The agencies it has worked with not only are migrating meaningful internal enterprise workloads to the cloud but also their highly trafficked citizen-facing web presences, showing an increased measure of faith in cloud environments. “It’s absolutely not just tactical anymore,” he says.
The Interior and Treasury departments offer good examples of how the cloud has become more strategic for federal agencies, leveraging cloud platforms that support the geospatial community, development and test-as-a-service, and extranet services, among others, says Jason Bystrak, executive director, cloud, North America, Ingram Micro.
Still, some challenges remain. Security concerns may be decreasing, for instance, but they are still there to some extent. To that end, solution providers should continue highlighting the fact that public cloud providers typically have a higher level of security in their data centers than most agencies have deployed on-premises, and that federal departments also can avail themselves of options to raise the bar even further with remote management and monitoring security services, Bystrak says.
“I don’t think there is any individual organization’s data center in the world that can match what Amazon, the cloud we spend most of our time working with, and presumably Microsoft and Google are doing to make sure that the baseline of security is met,” agrees Lipkin.
AWS, for example, makes sure that virtual machines, storage, virtual appliances and the applications that it makes available to users are reliable and secure with an “unbelievable commitment to patching and using the latest revision of software and physical security and backup and redundancy across availability zones,” Lipkin says. Beyond that, agencies may need assistance from solution providers in applying core best practices for safeguarding their apps that live in the cloud, such as help with networking security.
Expand Your Reach
Indeed, solution providers should be aware that federal agencies may lack the skill sets they need to fully leverage cloud computing, whether in security, workload management, data migration or cloud optimization techniques—and make their expertise available as part of their value proposition. “They can provide those skills wrapped around cloud services to deliver as a proposal to federal agencies,” Bystrak advises.
Or, solution providers can position themselves to cater to agencies that want to disaggregate the purchase of cloud infrastructure on federal government contract vehicles, such as CIO-CS, from support services that they can provide internally or through existing in-house service providers. Four Points, for instance, can provide cloud services upon request,
but its basic model is to make buying into the cloud like buying enterprise data center products, where agencies have learned that the best deals are to be had by separating product from service, Lipkin says.
The channel also can help government customers with quantifying the cost-benefit case for the cloud, including the time investment advantages it offers compared with adding and implementing infrastructure and solutions on-premises. Ingram Micro channel partners also have the advantage of being able to work with the company to source FedRAMP-compliant solutions, including AWS GovCloud, IBM SoftLayer Federal Cloud and Microsoft Office 365 Government, from its cloud marketplace to deliver to federal government clients, Bystrak says.
Lipkin says that it’s hard to imagine where the cloud industry will be in the next few years, given the amazing progress it’s made so quickly, with new players entering the market and existing players adding to their capabilities. “That’s one great thing about Ingram Micro—their reach into the supplier community,” he says. As a partner, "that makes us much more effective."