GSA assistant commissioner Mary Davie tries to dispel cloud computing 'myths' and says a phased deployment strategy will raise the chances for successful projects.
(click image for larger view)
Slideshow: Top 20 Government Cloud Service Providers
Moving to the cloud is easier, more cost-effective, and safer than many federal IT pros realize, according to the assistant commissioner of the General Services Administration.
In light of the federal mandate for agencies to embrace cloud computing, GSA's Mary Davie tried to debunk some of the myths about cloud computing in a blog post on GSA.gov.
The Office of Management and Budget has taken "an aggressive stance on the cloud," she wrote. "We're all on the hook to move three systems to the cloud by 2012. I'm here to tell you that it can be done intelligently and securely."
GSA, provides technology products and services to federal agencies, has begun offering software as a service through its Apps.gov portal. In October, the agency announced that it would "soon" begin offering infrastructure as a service through Apps.gov and named 20 vendors that had been approved to offer those services.
Now, nearly six months later, GSA has yet to offer IaaS via Apps.gov. In the blog post, Davie writes that blankets purchase agreements for IaaS and e-mail as a service will be ready soon.
"These vehicles will make it easier for our customers to compare services and acquire what they need from the cloud," she said.
Davie addressed what she described as four "cloud computing myths": that clouds can be "anything"; that public clouds aren't secure; that agencies lose control of their data in the cloud; and that moving to the cloud is difficult to do.
All of these challenges can be overcome, she argued. For one thing, there are baseline characteristics for cloud architecture, and not all clouds are created equal, Davie said.
Moreover, while public clouds are not inherently secure, agencies can customize the controls to lock down data and applications in the cloud. They should weigh carefully what they choose to put in the cloud, as not everything is suitable for a cloud environment, she said.
Agencies can demand strict service level agreements to ensure they maintain control over data and applications and aren't being taken advantage of by cloud service providers, Davie said.
Davie acknowledged that it can be difficult to move systems to the cloud if a measured approach isn't taken. She recommended that agencies use a phased process on a “time line that makes sense.”
"If an agency is facing a technology transition that requires a large capital investment, say in hardware, then making that technology transition may be easier and faster in the cloud," Davie wrote.
But Davie also urged caution. "Every time you move data or applications, there is risk," she wrote.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.