It’s been more than five years since the Obama administration issued its decree to federal agencies to initiate a “cloud first” IT strategy. Since then, despite the promise of greater agility and smarter IT utilization, the rate of cloud adoption has remained underwhelming.
Earlier this month, more than a dozen senior government and private sector IT leaders met at FedScoop’s headquarters to explore what still needs to happen to accelerate the adoption of cloud computing and its potential to innovate in government.
The not-for-attribution discussion touched on a variety of issues: from addressing the barriers agencies still face trying to adopt cloud computing to the lessons agencies have learned in piloting cloud computing projects. The executives, who included federal agency CIOs, chief technology officers and IT industry executives, were then tasked with developing a top priorities list for federal agencies to keep in mind as they consider their IT investment strategies.
Here are the six priorities they recommended:
1. Leveraging the benefits of cloud computing must begin with executive leadership, buy-in and air cover.
For agencies to innovate faster, and not simply use cloud computing to enhance their IT operations, it’s essential to have buy-in from agency’s top executives. Senior leaders need to understand the risks and rewards that moving to the cloud poses to their agency’s mission.
Just as importantly, they need to understand the risks and potential costs of not transitioning to the cloud as existing IT systems continue to reach the end of their useful lives. As one agency executive put it: “Delaying the move to the cloud can mean an agency will most likely face at least one more hardware recapitalization cycle — potentially costing tens of millions of dollars, if not more.”
“It’s not about giving us IT folks a laundry list of requirements and then backing away from the IT development process until the system is hatched,” said another agency executive. “Rather, true agile transformation requires them to partner with us every step of the way, from initial requirements through scrum iterations and testing to final roll-out and, where applicable, socialization with their external stakeholders.”
Once those risks and rewards are understood and the decision to move forward has been made, it’s then crucial that top agency executives demonstrate active support, or “air cover,” for the business owners and the IT team to keep cloud initiatives from running aground.
2. Cloud innovation must be accompanied by, and support, process transformation.
Agencies need to be clear about how they want to improve the value of the services they provide and chart an equally clear roadmap on how they want to get there, including how the changes will unfold.
Cloud services offer a different set of technology services to support an agency’s mission and business processes. But to leverage those capabilities, agencies need to do more than reengineer their business and IT processes — ranging from acquisition to testing to change control. They must instead put a premium on developing or adopting new processes that support transformational, value-adding changes, rather than merely enhancing their technology offering.
Additionally, agency leaders need to think through how those changes will impact customers, agency employees, as well as IT teams. That in turn requires developing a well-orchestrated plan for transitioning to cloud services and continually sharing those plans and progress reports with customers.
3. Government leaders must do more to remove the barriers and friction getting in the way of cloud adoption.
Navigating the government’s security accreditation rules, under the Federal Risk Assessment and Management Program, or FedRAMP, continues to be an arduous process for agencies as well as cloud service providers. Agency and industry executives all agreed more must be done to make the process to accredit services easier, faster and more transparent for agencies and cloud service providers. More must also be done to induce agencies to share and accept the documentation of cloud services once they’ve received FedRAMP approval, added some of the agency executives in our roundtable.
For their part, IT leaders also must do a better job of translating and connecting IT security risks to enterprise and mission risks to win greater institutional support for adopting cloud services.
Another barrier that gets less attention, but is no less troublesome, is the need by agencies for higher-volume network connections to outside cloud services providers. The constraint stems from governmentwide efforts to restrict the number of trusted Internet connections across the federal government as a security measure. But it’s frustrating, one agency executive said, to “take something absolutely cool, and use it in a slow way.”
“I still can’t connect to [cloud service providers] easily,” said another agency executive said. “You get a straw and I need a pipe.”
Agencies need to share best practices on how they have connected to the major cloud vendors while addressing FedRAMP authority to operate and security requirements, the executives said.
4. Start small, but do something. And focus on piloting business projects, not cloud projects.
Agency IT departments often make the mistake of independently piloting cloud capabilities to supplement their IT operations. Instead, they should look for business process bottlenecks or mission needs and help develop process improvement pilots that can take advantage of the deployment speed and economics of cloud services.
The advice of our roundtable executives: Start small, but select projects that are consequential to the mission; have a plan to take the next step toward a larger rollout; and ultimately create a transition strategy to move off legacy systems. Additionally, the participants in our roundtable recommended several strategies worth keeping in mind:
One agency executive advised that to obtain the biggest impact for the buck in a cloud project, agencies should move their development and test environments to the cloud.
“In our own study of cost savings, these two areas were the ones where we saved the most money – much more than just moving production systems to the cloud,” he said. “My argument to start small is to replicate your development and test environments to the cloud and use those to demonstrate to both the agency leadership and the customers that you can more quickly develop and test new applications and changes,” he said.
Another executive advised agency leaders to “avoid project direction by committee,” and instead, “choose a single product owner from the business side to take responsibility for organizing and aligning input from the various stakeholders on the business side. That frees up the tech team to focus on their job and avoid getting bogged down in political difficulties or slow responses.”
A third executive advised starting with projects that simplify infrastructure and that support the ability to transform internal operating processes.
5. Don’t shortchange the importance of education and marketing.
Expanding IT to the cloud inevitably adds layers of complexity to IT operations and the business processes that depend on IT. That’s why it’s crucial for IT leaders to educate agency executives and program managers on the risks and rewards of cloud services, and recognize the importance of internal marketing to demonstrate the value of cloud services to the mission of the agency.
That also means ensuring that IT and acquisition staffs get the training they need to successfully plan, acquire and execute cloud services initiatives.
6. Choose your cloud partners carefully.
Many vendors promise they can deliver cloud services that are suited for government, and have even succeeded in getting FedRAMP approval. But as one agency executive noted, whose agency had successfully completed a cloud migration, “You have to remember, adding cloud computing is really complex even for the smartest people on your staffs.”
And, cautioned another executive, “It’s not entirely in a vendor’s best interests to make it easy for us.”
“Choosing the wrong provider can have negative effects to that path. Convincing your organization to go to the cloud will require good execution and delivery of services to sustain that decision.”
The participants’ parting advice: Talk to other IT leaders who are going through the same path to the cloud and who have already worked with specific cloud service providers.