The Federal Government's Map of the Clouds
The NIST's Cloud Computing Technology Roadmap is designed to support the secure and effective adoption of cloud computing by federal agencies to reduce costs and improve service. "Having all these standards can provide a good baseline for the federal agencies in their procurement efforts, but I'm not sure it will lead to a template that can be applied across the board," said Carpathia Hosting's Michael Fox.
The U.S. government's plan to shift major chunks of existing and future information technology programs to cloud-based systems has proven to be easy to say but harder to do. Technical, cultural and financial issues are frequently raised by agency managers as barriers to adopting cloud technology.
Various initiatives have been launched to encourage cloud adoption at the federal level. The most recent is the Cloud Computing Technology Roadmap, issued in early November by the National Institute of Standards and Technology (NIST), a unit of the U.S. Commerce Department. The roadmap was released in conjunction with NIST's publication of its final definition of cloud computing.
The guide is designed to support the secure and effective adoption of cloud computing by federal agencies to reduce costs and improve service. The guide defines high-priority requirements for standards and outlines technology developments that need to be met for agencies to accelerate their migration of existing IT systems to the cloud.
"A key contribution of the roadmap effort is to focus the discussion to achieve a clear understanding between the government and private sector," said Dawn Leaf, NIST's senior advisor for cloud computing. The guide addresses specific technical steps that are "needed to move federal IT from its current early-cloud state to a cloud-based foundation, as envisioned in the U.S. Federal Cloud Computing Strategy," she said.
NIST Seeks Provider Comment
The roadmap, while quite detailed, is still somewhat of a work in progress. NIST released the guide as a "draft," and is seeking comment from both public and private sector organizations. NIST has organized the roadmap into three documents and will take comment on the first two volumes through Dec. 2.
The first document, "High Priority Requirements to Further USG Agency Cloud Computing Adoption," provides a general understanding and overview of the roadmap initiative and address such factors as: prioritized interoperability, portability and security requirements that must be met to further government cloud adoption; standards, guidelines and technology that must be in place to satisfy these requirements, and a list of Priority Action Plans. The guide provides target deadlines for meeting these objectives with time frames stretching from 2012 to 2017.
The second document, "Useful Information for Cloud Adopters," is a "nut and bolts" publication, according to NIST. It is a technical reference that is useful for those working on strategic and tactical cloud computing initiatives -- whether they work in government agencies or not. A third document, "Technical Considerations for USG Cloud Computing Deployment Decisions," is still under development.
"The NIST definition and the roadmap will definitely add some clarity in a progressive effort to better define what the cloud actually is," Michael Fox, director of government solutions at Carpathia Hosting, told CRM Buyer. "But this is not the end game either. The definition will likely expand as requirements and applications expand," he said.
"Having all these standards can provide a good baseline for the federal agencies in their procurement efforts, but I'm not sure it will lead to a template that can be applied across the board," Fox noted. "To some degree the agencies will have to do their own due diligence to see if a program actually fits into a cloud environment. An agency may come out and say it wants to put some program or function into a cloud as defined by the NIST. Or it can come out and say, 'we don't know what type of cloud we want but we want to move in that direction,'" Fox said.
Connecting With Private Sector
"For vendors, NIST's effort can help provide some standard definitions so providers can propose their offerings to an agency and see if there is a match. But you could also have vendors propose offerings that meet the government's cloud definitions and standards, but each vendor's offering is still a little different from another vendor in features and pricing. This is really an evolving process," he added.
"The NIST document is important. I see it as a standard to shoot for rather than one that people can get correct right out of the gate," Shawn McCarthy, research director at IDC Insights, told CRM Buyer. "As agencies begin to procure cloud services, it is important that there is a minimal set of requirements that they should look at and consider and then have a conversation with their provider," he said.
The references in the NIST guidance for implementing service level agreements (SLAs) with vendors as especially beneficial for federal agencies to consider in contracting, McCarthy noted. "Agency procurement people should definitely read the document," he said.
In a broader context, Fox noted that the federal effort in cloud technology and the NIST role in that process should eventually lead to more efficient and creative ways of managing IT.
"There is a lot of innovation going on in the private sector that government could tap into. Agencies should be seeking out those providers who offer that innovation. Cloud is not fad. It can be a transformative process," he said.
The value of having government and private sector cooperation in the effort to migrate federal IT systems to a cloud environment was stressed by Dr. Patrick Gallagher, the director of NIST, at a cloud technology forum at the agency's headquarters on Nov. 2.
"We have to create a roadmap for action on the cloud, since time is of the essence. On one hand it is imperative that we understand the challenges that federal CIOs and procurement officers face on a day to day basis," Gallagher said. "But on the other hand, we have to leverage the enormous technical resources that exist in the cloud provider community. In many cases the private sector believes it has the solutions to the barriers that these government CIOs face. So I envision this roadmap as a dialog between these two sides."