General Services Administration Chief Information Officer Casey Coleman shares her thoughts on the state of federal government cloud computing and what’s in store for 2012.
What’s the ‘State of Cloud Computing’ at GSA? What initiatives have you implemented or plan to implement in 2012?
As you may have read, in December of 2010, we awarded a task order for a cloud-based email and collaboration suite, bringing Google Apps to GSA and making us the first federal agency to wholly convert its email systems to the cloud.
The contract provides for an easily accessible suite of services, including email and collaboration tools, to facilitate a more mobile work force. While agencies have moved sub-entities’ emails to the cloud, GSA is the first to utilize a cloud-based system for email agency-wide. The migration will result in a 50 percent savings over the next five years when compared to current staff, infrastructure, and contract support costs.
GSA continues to look for and find opportunities to utilize cloud services, as directed in the Federal CIO’s 25-point Plan and the Federal Cloud Computing Strategy. We will continue to work with the industry to ensure cloud solutions evolve in the areas of security, compliance and accessibility.
GSA will continue adoption of cloud technologies to reduce costs, modernize systems and improve operations. The cloud presents opportunities to automate agency business processes and back-office applications. It also helps us move data center components to the cloud, including storage, hosting and virtual machines.
GSA is currently renovating and modernizing its headquarters at 1800 F Street. When the first phase of these renovations are completed in early 2013, we will move back in, consolidating teams located in three separate office buildings into one space. With more people using the same space, we will be teleworking more, and it’s vital that we have the mobility tools and cloud-based solutions to do so effectively.
Finally. GSA recently procured a license with Salesforce to utilize their cloud services for a platform on which to host our legacy enterprise applications.
What’s been GSA’s role in implementing cloud computing outside the agency? Examples?
GSA shares its lessons learned with the federal IT community via the The Federal Cloud Computing Initiative (FCCI) working groups. We also participate in the implementation and operation of the Federal Risk and Authorization Management Program (or FedRAMP) as a voting member of the Technology Evaluation Board (TEB). GSA has a leading role on FedRAMP, along with NIST, DoD and DHS, and in coordination with the CIO Council. We’re in the process of consolidating comments on the Proposed Security Assessment and Authorization for U.S. Government Cloud Computing guide that will lead federal agencies in the pursuit of cloud computing. GSA has also been sought out by other agencies for advice on how to implement cloud solutions such as Google Mail.
We have also shared on GSA.gov information about how we procured the cloud services for our move to Google: http://www.gsa.gov/portal/content/214321
What are the top 3 challenges you see around implementing cloud?
- Communicating the business value to an organization that has to switch over to new processes
- Ensuring that the cloud solutions evolve in the areas of records, Freedom of Information Act (FOIA) compliance and accessibility.
- Ensuring data security; it is critical to integrate current IT Security measures with the cloud system.
How have you overcome these?
- We view communications as a vital part of the process, and communicate our vision and the effect on users early and thoroughly, through multiple channels and methods.
- We performed a thorough analysis to ensure that cloud solutions provide the best value for the tax dollar while allowing the agency to fulfill its mission
- GSA worked closely with our security and Records staff to identify ways to meet all the applicable regulations and requirements.
What’s your general advice to agencies implementing cloud and how can they leverage GSA?
If I could draw one conclusion from GSA’s experience, I would say, “this is doable.”
There are going to be many challenges, some of which are unique to cloud and many of which are common to any IT initiative. You will have to deal with user education and communications, information security compliance and operations, how to structure your provider agreement to give you the appropriate visibility and controls. All of this can be done and the benefits can be substantial.
GSA is also developing procurements for cloud services for use by other agencies. Late last year we awarded a Blanket Purchase Agreement for Infrastructure as a Service, offering web hosting, virtual machines and storage on demand to help agencies achieve cost savings, efficiencies, and modernization without having to expend capital resources expanding their existing infrastructure. IaaS offerings through GSA include on-demand self-service that allows government agencies to purchase resources as needed. Authorities to Operate are being granted as we speak and there are currently about a half-dozen vendors offering this services. In September, DHS used the BPA to make an award to consolidate all its public-facing websites, migrating them to a public cloud hosting services.
In addition, GSA is currently conducting a procurement for Email as a Service. The lessons we learned in going through our own migration will inform these and future procurements, and agencies throughout government will be able to easily acquire cloud services using these contract vehicles.