Federal Cloud Computing? Not so Fast!

When it come to cloud computing, technology innovation may be the least of the problems

On balance, I completely agree with Federal CIO Vivek Kundra about Cloud Computing. For the massive and costly Federal government, cloud computing may be just what the doctor ordered with its promises of improved utilization, lower operating costs, massive scale, and green-friendliness. Each Federal agency has its own mission-critical applications but they all run common servers, networks, and storage that could be centralized in the cloud.

Of course there are still plenty of technology obstacles to overcome. We still need to figure out a common development model for scale up/scale down cloud services. We need to be able to distribute and move compute loads in real-time. We need common data formats for portability and of course we need a strong security model. These are big but not insurmountable challenges --witness the progress of Amazon, Google, and Microsoft already. In the Federal space, DISA has overcome a lot of these hurdles and integrators like Northrup Grumman, CSC, and SAIC are building their own private clouds for future government use.

In my humble opinion however, technology is the least of the government cloud problems. Before cloud computing can gain wide spread use within the Federal government, we need to focus on important peripheral issues such as:

1. Culture. In Washington, everything is about ownership so no agency wants to trust its resources to another. We've already seen this mistrust in areas like the Cybersecurity Einstein project. Overcoming this barrier will take education, success stories, creative incentives or executive mandates.

2. Regulations. Many regulations assume physical devices with deterministic ownership. Shared cloud resources will demand that legislators put pen to paper to modernize numerous existing laws.

3. Governance. Similar to regulations, many organizations segregate and manage IT assets for security and/or ownership purposes. This doesn't work in a virtual cloud.

3. Managing cloud providers. Shared cloud services will require new contracts, auditing rules, SLAs, etc.

4. Security. This is obvious but the Federal government has its own set of controls as do individual agencies. There needs to be one set of standards that apply to all.

A lot of smart people at places like NIST are working on these issues but I worry about the human intangibles like ownership, accountability, politics, and culture. Since no technology solution can address these issues, I think Mr. Kundra needs to work with IT leaders, human resources specialists, and legislators to develop programs that incent and motivate changes in the actual people that work for the Federal Government.

• data center