Cloud vendors get $77M opportunity from GSA
11 contractors approved to sell IaaS through storefront
Standards are up in the air, security questions linger and
misconceptions abide, but the push to the cloud continues to gather
strength, this time from the General Services Administration’s
five-year, $76.5 million blanket purchasing agreement for infrastructure
as a service (IaaS).
Via the government’s cloud services storefront, Apps.gov, the 11
contract winners can provide federal, state, local and tribal
governments with cloud storage, virtual machines and Web hosting
services. Contract-holders range from single providers to teams.
Stand-alone contract winner Verizon Business will provide IaaS via
its cloud computing platform and will offer virtualization and data
center consolidation services.
Although use of cloud in government might be sparse — no bigger than a
man’s hand, as some would have it — that’s on the brink of change,
said Susan Zeleniak, president of Verizon Federal Business. In public and private enterprises, “the use of everything as a service is
really starting to blossom,” she said. “And our experience in most
technologies is that once a few people figure it out, then a whole lot
of people figure it out. So we really expect this to be a game changer.”
The company recently won a Schedule 70 federal agency contract to
provide primarily computing as a service, also referred to as platform
as a service, Zeleniak said.
GSA IaaS contract winner Apptis Inc., partnered with Amazon Web
Services, also has seen interest and implementation of
cloud services increase. It already has a handful of federal agency cloud
customers, including the Homeland Security Department, through GSA’s
Schedule 70, said William Perlowitz, vice president of advanced
technology at Apptis.
One customer agency is redeveloping its public-facing website in the
cloud, Perlowitz said. “So we’re doing the agency’s public website for
something like $7,000 a month,” he said. “The argument for cloud doesn’t
get more compelling than that.”
But as compelling as controlling cost is, it is cloud security that
makes agency CIOs twitchy — one reason federal agencies “tend to be
interested primarily in private clouds,” Zeleniak said.
Security was the top cloud concern for 75 percent of IT executives in
IT research consulting firm IDC’s 2008 enterprise panel, and that level
of concern continues, according to the National Institute of Standards
and Technology.
Security is also a top concern at Verizon, said Ken Biery, cloud
security strategist at Verizon. For example, he said “on our IP
network, we have more than a million sensors that sit on our backbone
and that’s where we gather information about activity, and we can
identify user devices or nodes that are trying to attempt malicious
activity,”
Such efforts by the telecommunications company to secure its global
IP, wired and wireless networks is one reason “we think we’re in such
a good position to support government networks from a security
perspective,” Zeleniak said. “It’s what we do for a living.”
But if all roads lead to Rome, the roads themselves are not
identical. Apptis is a pioneer in a new contracting niche, that of a
cloud broker to handle acquisition and maintenance of cloud services.
“Cloud brokers act as intermediaries to explain the requirements of
government to cloud vendors, so the customer has a single point of
contact for everything,” Perlowitz said.
Although government business processes often resemble those in
private enterprise, federal agencies have requirements that
private-sector organizations don’t have, such as government-only data
centers located only in the United States and Section 508 accessibility
standards.
“Government also has billing requirements,” Perlowitz said. “They
need monthly billing, and they need to have a ceiling set. While private
enterprises can just give us a credit card number and use what they
need, government can’t.”
The company’s FedCloud portal, with Amazon Web Services’
infrastructure serving as the back end, “only lets agencies select those
services that meet government requirements and makes it easier for
agencies to comply,” he said.
A prerequisite for all GSA Cloud IT contract winners is certification
and accreditation, at the Federal Information Security Management Act moderate impact data security level, by GSA’s Office of the CIO.
That GSA-awarded authority to operate immediately advances agency
cloud service acquisitions to the 80 percent mark for FISMA compliance,
Perlowitz said. “Agencies are then responsible for only 20 percent —
ensuring their applications are FISMA-compliant,” he added. “We do the
operational work, and the customer adds the application piece, which
means agencies effectively shift 80 percent of the work [toward ensuring
FISMA compliance] to us.”
Although the total contract is for $76.5 million over five years,
that spending is likely to soar, in part from the push to the cloud by Federal CIO Vivek Kundra.
“In total, spending on public IT cloud services, [excluding private
cloud spending], will grow from $16.5 billion in 2009 — a modest,
recession-driven haircut from last year’s forecast — to over $55 billion
in 2014,” said Frank Gens, senior vice president and chief analyst at
IDC. “This is scorching-fast growth of 27 percent per year.”