In 2012 when the Government Accountability Office reviewed the feds cloud computing effort, it found seven core challenges to moving impeding the administrations’ move toward the cloud.
+More on Network World: The FBI’s big, bad identification system+
In the two years that have passed, the GAO this week reported that government agency use of cloud computing has grown, but a few new challenges have cropped up that hinder widespread cloud adoption.
Lets start with cloud adoption. The GAO reviewed the same seven agencies in 2014 it had in 2012, including the Departments of Agriculture and Homeland Security. “Each of the seven agencies reviewed implemented additional cloud computing services since GAO last reported on their progress in 2012. For example, since then, the total number of cloud computing services implemented by the agencies increased by 80 services, from 21 to 101. The agencies also added to the amount they reported spending on cloud services by $222 million, from $307 million to $529 million. Further, the agencies increased the percentage of their information technology (IT) budgets allocated to cloud services; however, as shown in the table, the overall increase was just 1%,” the GAO stated.
The agencies collectively reported cost savings of about $96 million from the implementation of 22 of the 101 cloud services. These savings included both one-time and multiyear savings. For example, the General Services Administration saved $2.6 million by migrating to a cloud customer service solution, and Homeland Security saved $1.2 million from fiscal years 2011 through 2013 by implementing a cloud-based collaboration service., the GAO stated.
Agency officials cited two major reasons for why the other services they had implemented did not save money. First, a motivation for changing to some of the cloud-based services was not to reduce spending, but to improve service. Second, in selected cases, the cloud computing service opened up a new service or provided a higher quality of service; while this provided useful benefits to the agency, the associated costs negated any savings, the GAO stated.
The GAO then went on to look at what it called formidable challenges as agencies move their IT services to the cloud. The three new challenges it defined are:
Network infrastructure: Meeting new network infrastructure requirements. Current network infrastructure, topology (network configuration), or bandwidth (data transmission rate) is often insufficient to meet new infrastructure needs when agencies transition to cloud computing services. For example, officials at State said that legacy systems with a particular infrastructure designed to meet certain federal requirements will need to be reengineered to work in a multi-tiered cloud environment. USDA officials stated that they would need to consider redesigning their network topology to accommodate new cloud service bandwidth requirements and traffic streams.
Experience: Having appropriate expertise for acquisition processes. Migrating legacy systems to cloud computing services requires knowledgeable acquisition staff and appropriate processes. For example, HHS officials stated that while the department has the capability to purchase cloud services, it has found post award management to be a challenge. These officials added that to respond to this challenge, HHS is working with its personnel as well as other stakeholders, such as GSA, to develop best practices for cloud post award management and related acquisition activities. In addition, DHS officials said that efforts to transition from legacy systems to cloud computing services require streamlining their IT services supply chain, which requires an evaluation of the component processes and time to fully implement this transformation.
Money: Funding for the initial implementation of a cloud service can be a significant cost to agencies. For example, officials at State said that the cost of migrating an application to a cloud service poses a challenge in the current budget environment where IT budgets are declining. In addition, GSA officials stated that initial implementation requires additional funding that has not been made available.
Holdover issues from 2012 included a couple of old stalwarts:
Meeting federal security requirements: Cloud vendors may not be familiar with security requirements that are unique to government agencies, such as continuous monitoring and maintaining an inventory of systems. For example, State Department officials described their ability to monitor their systems in real time, which they said cloud service providers were unable to match. U.S. Treasury officials also explained that the Federal Information Security Management Act's requirement of maintaining a physical inventory is challenging in a cloud environment because the agency does not have insight into the provider's infrastructure and assets.
Overcoming cultural barriers: Agency culture may act as an obstacle to implementing cloud solutions. For example, a Department of State official explained that public leaks of sensitive information have put the agency on a more risk-averse footing, which makes it more reluctant to migrate to a cloud offering.
“While the collective and individual agency gains in implementing such services are commendable, the seven agencies are still only investing a small fraction of their IT budgets on cloud computing. The agencies’ modest level of cloud investment is attributable in part to the large number of legacy investments — nearly two thirds of all investments— that have yet to be considered for cloud migration,” the GAO concluded.
Check out these other hot stories: