Interagency collaboration produces strategy that outlines requirements and standards. Will it make it easier for agencies to buy into cloud?
Slideshow: 14 Most Popular Government Mobile Apps
(click image for larger view and for slideshow)
The federal government Tuesday released a draft version of a roadmap that aims to accelerate federal agencies' adoption of cloud computing and support the tech industry's development of cloud services by defining and communicating standards and requirements, as well as action plans to meet those standards.
The three volume draft, put together--with input from the National Institute for Standards and Technology (NIST), the Office of Management and Budget, and the interagency Federal Cloud Computing Standards and Technology Working Group--over a series of public workshops and other collaborative sessions, defines the government's top priorities for standards and requirements for cloud services.
"Our goal is to make it substantially easier to buy, sell, interconnect, and use cloud environments in the government," NIST director Pat Gallagher said in a speech Wednesday during an event at NIST headquarters to introduce the strategy. "The roadmap will serve as our action plan, and we expect it not only to drive federal standards efforts, but because our needs are not unique in government, we think it will help the private sector as well."
The roadmap includes both a big picture strategy and technical specifics in terms of how the government hopes to get there. Top priorities in the draft include developing a standard cloud vocabulary, finalizing a cloud computing taxonomy, and creating consistent policy for service level agreements and related terms.
The roadmap comes at a time when the Obama administration continues to push hard on agencies to move toward the cloud as part of higher profile efforts to cut spending and increase the efficiency of federal IT. Each federal agency must complete at least one cloud project by the end of the year, and two more by June 2012. The federal government's "Cloud First" strategy requires agencies to consider cloud computing as an option in any major new IT acquisition.
In one of his first public speeches since taking the job as federal CIO, Steven VanRoekel provided an update on that wider government strategy. VanRoekel confirmed that the shared security authorization service FedRAMP, designed with the acceleration of cloud adoption in mind, was in the final stages of approval at the White House, and said that the program would eventually be mandatory for agencies looking to use cloud services.
"We have really viewed cloud computing as a once in a lifetime opportunity to improve how the government buys, uses, and thinks about IT services," VanRoekel said. "And with pressure on reduced spending and citizens who are stepping up in terms of what they expect from government, that's putting pressure on government to deliver more with less." Ultimately, he said, he expects the government to go beyond its current goal of moving $20 billion worth of IT services into the cloud.
He said that, in his mind, the federal cloud strategy has four primary focus areas, including agencies, people, procurement, and cybersecurity. From the agencies' perspective, VanRoekel said, the CIO Council is working on a white paper on cloud best practices and lessons learned. Pilot programs will work on the personnel aspect of the cloud, FedRAMP will address procurement, and cybersecurity will be a key consideration for the cloud strategy as well.
NIST has remained an active player throughout the government's strategy, developing a definition for cloud computing, reference architecture, nomenclature, and model use cases. "We've already defined some of the key pieces," Gallagher said Wednesday. "Now we're putting it all together into a plan of attack, a specific action plan that strikes the balance between short- and long-term goals and defines steps to take."
The draft roadmap will be open for comment for 30 days. "If you think our priorities are wrong, let us know," Gallagher said.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.