Lessons from DOD's bumpy adoption of cloud computing
- By Stephanie Meloni, immixGroup
- Feb 27, 2014
Don’t expect much speed as the federal government moves toward cloud solutions.
At a January AFCEA luncheon, Tim Rudolph, U.S. Air Force senior leader for integrated information capabilities, gave an analogy of how the military services are testing the waters with cloud adoption:
- The Army is in the water up to its knees.
- The Air Force is in a car near the edge of the water with a kayak strapped to the roof.
- The Marine Corps is wading in with a knife in its mouth.
- And the Navy is digging its own pond.
His tongue-in-cheek comments highlighted the uneven approach the military departments are taking to cloud adoption.
The Army is the farthest along, particularly with its move last year of both unclassified and classified email accounts to the DOD Enterprise Email service, hosted by the Defense Information Systems Agency. The Air Force more recently joined the Army in using DEE, although Air Force participation is limited to just unclassified email accounts for the time being.
The Navy and Marine Corps appear to be taking a more cautious approach to using DISA’s enterprise cloud functions, and rely to a greater extent on their own private architectures.The Navy, however, has turned to commercial cloud providers like Amazon Web Services for some of its non-sensitive functions.
Despite these measured moves, most agencies have yet to shift a substantial portion of their portfolios to the cloud. This will complicate the department’s move toward the Joint Information Environment concept, which relies on cloud technology to bring about its vision of greater shared services and interoperability.
The Navy and Marine Corps have not embraced DISA’s cloud-hosted DEE, mainly due to cost. They have argued that their own internally developed, enterprise-wide email system is more economical and are in the process of performing a business case analysis.
Furthermore, cultural factors are also playing a role in cloud adoption. Users that migrate to the DEE have to give up their “service branch.mil” email addresses in exchange for a more generic “mail.mil.” While a small and seemingly insignificant change, this might contribute to the feeling of giving up autonomy within the services. Cloud adoption also requires compromise among engineers – there needs to be tradeoffs in vetting solutions – which certainly contributes to delays with implementation.
Another major issue impeding cloud adoption involves security of data within the cloud.
FedRamp (Federal Risk and Authorization Management Program), a rigorous certification process that forces a government-wide security standard on all cloud services, was created to alleviate security concerns. DISA has complained that the current pool of FedRAMP-authorized cloud service providers is too small and needs to grow to offer the government the best mix of services and security.
The number of certified vendors is expected to increase as the federal cloud market expands, but because certifications can take six-to-nine months to complete, it may be some time for the process to clear any backlogs. DISA will be putting its own internally developed cloud solution through the FedRamp process in solidarity with industry.
Despite these impediments to cloud adoption, the future is looking brighter.
Those who have migrated to cloud-hosted services are reporting initial success.
The Air Force has been very happy with its migration to DEE and even admitted that DISA is doing a better job internally with their email systems than the Air Force had, Essye Miller, director of information management for the Office of the Administrative Assistant to the Secretary of the Air Force, said to attendees of a February AFCEA event. Many of the details surrounding how DOD will implement cloud solutions are still fuzzy, and there are still many questions and security sensitivities that need to be addressed before the ball can truly get rolling.
The demand for cloud is there, but like all new initiatives in government, there are many barriers that serve as an impediment to the implementation process. Industry can drive progress by working with the services to identify some quick wins – that is, projects that will easily transition to a cloud environment.
Folks in industry should also work with the government to help plan out all cloud projects properly so that they can be executed efficiently (and be honest, even in cases when it might seem that the cloud may not be the best solution).
Successful cloud projects and lessons learned will inspire others in government to look at how cloud solutions might benefit their agencies, as well as see examples of how others were able to overcome roadblocks. As cost savings and efficiencies are realized over time, industry can be optimistic that the government will gain confidence in cloud, and implementation finally will begin to catch up with demand.
Stephanie Meloni is a manager on the Market Intelligence team at immixGroup, an Arrow company, which helps technology companies do business with the government. The team utilizes a research-driven approach to help technology companies develop successful business strategies to sell to the public sector. She can be reached on LinkedIn at www.linkedin.com/in/stephaniemeloni.