Private Cloud Adoption: A New Year’s Resolution for Federal Agencies
In 2009, Vivek Kundra, the United States’ first CIO, unveiled an ambitious agenda for modernizing government IT. It included the Federal Data Center Consolidation Initiative (FDCCI) and a new cloud-first policy. In 1999, the U.S. government had 432 data centers; by 2010, that number had nearly tripled, resulting in heavy capital expenditures and high power and cooling costs. According to Kundra’s 2011 Federal Cloud Computing Strategy brief, the U.S. government was using less than 30 percent of its existing server assets.
Kundra believed shifting to private cloud resources could increase efficiency, shutter unnecessary data centers and improve service quality. The move to cloud computing, however, was slow in the public sector. Now, seven years after Kundra began his work, federal agencies have recognized the power of partnership when it comes to the cloud. Using private-sector managed service providers, government agencies are consolidating data centers, getting more from existing assets and improving service quality.
Sharing the Load
One of the biggest obstacles to government cloud adoption is information security. The federal government has strict regulatory standards for citizens’ personal data, and rightly so. In addition, some agencies are custodians of highly sensitive and classified information. The government has a compelling interest to keep this information away from anyone who could expose state secrets.
From a security standpoint, private cloud makes sense for meeting exacting government security standards. Unfortunately, many agencies lack the internal IT expertise to migrate to the cloud and then manage the private cloud environment. Also, the government’s bureaucratic structure makes negotiating contracts a lengthy, cumbersome process. Until a few years ago, ZDNet reported, most agencies had their own vendor assessment and authorization (A&A) processes.
FedRAMP to the Rescue
In 2012, a new set of regulations called FedRAMP standardized A&A for third-party cloud vendors across the government. Instead of having each agency evaluate vendors according to its own methodology, the federal government provided a list of pre-approved managed services providers.
These vendors met stringent risk assessment and information security requirements, proving themselves capable of protecting private information. They also had expertise in cloud migration, deployment and management — which was a service many federal agencies needed.
Connecting to Cloud Resources
By the time Tony Scott became the federal government’s third CIO in early 2015, the government’s approach to consolidating its data centers had also evolved. According to Data Center Knowledge, instead of attempting to consolidate and shut down assets, government agencies were identifying critical applications, determining the best way to host their applications and eliminating everything else.
Researchers Joshua Bleiberg and Darrell M. West of the Brookings Institution reported that despite the financial advantages of cloud hosting, many federal agencies lacked adequate bandwidth and connection speeds to access applications remotely. Third-party vendors helped agencies improve their internal network infrastructure, giving them the advantages of private cloud hosting without application performance degradation.
The Rewards of Private Cloud
Cloud adoption offers many rewards for the public sector in terms of both performance and cost containment, including:
- Efficiency: Instead of building enough data center capacity for peak loads but using less than 30 percent of the infrastructure, agencies only pay for what they use and can tap additional resources to scale when necessary.
- Security: With a private cloud, it’s easier to upgrade and patch applications in one or a few centralized locations, ensuring everyone has access to the newest, safest versions of programs. Also, private clouds utilize a set number of dedicated servers, making security easier to manage.
- Redundancy: Utilizing both on-site and private cloud data backups, and having access to data centers in multiple locations, keeps agencies up and running even during natural disasters.
- Expertise: A shortage of cybersecurity employees means federal agencies need third-party assistance to build and maintain cyber defenses. They also rely on seasoned managed service vendors for optimal deployment and management of private cloud resources.
Invest in the Future
Many federal agencies will save dollars and cents by investing in private cloud — some may even save human lives. With so much at stake and so much to gain from investing in government technology, the time for cloud adoption is now.