Federal Government Cloud Adoption
No one has ever accused the U.S. government of being technologically savvy. Aging software, systems and processes, internal politics, restricted budgets and a cultural resistance to change have set the federal sector years behind its private sector counterparts. Data and information security concerns have also been a major contributing factor inhibiting the adoption of new technologies such as the cloud. Keeping data on-premise has long-been considered to be the more secure option; however, ever-increasing incidents of hacking, data breaches and even cyber terrorism within government entities from the IRS to most recently, the Office of Personnel Management (OPM), indicate that change is needed, and fast.
Slowly, but surely, a technology revolution is taking place within the public sector. Due in large part to the introduction of the Obama administration’s “Cloud First” policy in late 2010, the establishment of the Federal Risk and Authorization Management Program (FedRAMP), a standardized approach for conducting security assessments, authorizations and monitoring for cloud technologies, as well as innovations in cloud offerings themselves, cloud adoption among federal agencies is taking off. The General Services Administration (GSA), Department of the Interior (DOI), the Department of Agriculture (USDA), NASA, and even the Central Intelligence Agency (CIA) and NSA are just a few of the many agencies who have embraced cloud solutions in recent months and years. Further, with IDC’s recent Federal Cloud Forecast projecting sustained growth through 2018, the public sector is nearing its tipping point in cloud adoption.
Should this trend continue as expected, below are three reasons that cloud adoption can be the answer to close the federal government’s technology gap.
Availability of Clear Guidelines for Cloud Adoption
In the past, government agencies lacked a clear roadmap for evaluating and selecting authorized cloud providers, making it difficult for the technology to break through in the federal sector. According to the FedRAMP website, this resulted in, “a redundant, inconsistent, time-consuming, costly and inefficient risk management approach to cloud adoption.”
The introduction of FedRAMP has provided agencies with much-needed guidelines and structure to accelerate the use of cloud technology in all facets of the government. Today, cloud systems are authorized in a defined (and repeatable) three-step process: security assessment, leveraging & authorization, and ongoing assessment & authorization. Among its benefits, the federal program estimates that its framework will decrease costs by 30-40 percent and will reduce both time and staff resources associated with redundant cloud assessments across agencies.
Incentives to Focus on Cyber-Security
In October 2015, U.S. federal government CIO Tony Scott professed his support for the cloud during a Google at Work webcast, saying:
“I see the big cloud providers in the same way I see a bank. They have the incentive, they have skills and abilities, and they have the motivation to do a much better job of security than any one company or any one organization can probably do.”
He’s right, and his comments represent a stark departure from the general consensus in the public sector just a few short years ago. Applying the same security measures and best practices to legacy, on-premise solutions requires both time and significant spend—both of which the government lacks. The competitive nature of the cloud business in recent years has challenged providers to adopt agile security practices, resulting in solutions that are secure, reliable and execute seamlessly. From email management systems to data storage services, continued cloud adoption at the federal-level will enable agencies to achieve long-term benefits that will eventually be impossible to achieve with on-premise systems, including advanced cybersecurity capabilities, guaranteed business continuity, as well as enhanced performance management functionality.
Bring Greater Efficiency in IT Spending
In February 2015, the International Association of Information Technology Asset Managers (IAITAM) released a report criticizing the U.S. government on its IT spending. The report suggested that while the federal government spends over six times more on IT per employee than its private sector counterpart, it also wastes 50 percent of its more than $70 billion IT budget due to a lack of standardization and controls. Combined, these factors have created a breeding ground for IT failures and exploits from threats inside and outside government walls. This is further indication that the existing status quo is inefficient and is putting the government (and U.S. citizens) at risk.
Over time, leveraging the “pay-as-you-go” model of the cloud, federal sector can decrease its IT spending, creating new efficiencies. Software and application management for example, which requires abundant resources to oversee in on-premise deployments, is virtually eliminated with a cloud-based solution. From business continuity and software maintenance to eventually, compliance and IT risk-related activities, the onus, falls on the cloud provider, not the customer. Thus, federal IT workers are freed up to focus on more mission-critical initiatives, rather than spinning wheels on inefficient technology, programs and processes.
While it will take some time before the cloud truly takes off in the federal sector, it’s hard to ignore the benefits that both the private sector and forward-thinking government agencies have seen with the technology to date. The time is now to make a change for good. If the U.S. wants to be viewed as one of the most technologically advanced nations in the world, it’s prudent that the government itself practice what it preaches, doing what’s needed to establish the country as a leader, rather than a follower, in this rapidly-evolving digital age.
By Vibhav Agarwal