By Lee Tamassia (part 2 of a 4-part series)
The National Institute for Science and Technology (NIST) has defined cloud computing as “a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.” (The NIST Definition of Cloud Computing)
Cloud computing represents tremendous potential for technological innovation within the Federal Government by enabling agency personnel to quickly and easily provision computing resources and capabilities, while supporting the elasticity necessary to scale these resources larger or smaller to meet demand.
Cloud computing accomplishes this by shifting the paradigm for IT services from “on-premise” deployments with relatively fixed capacity to a “utility” model where compute resources are available “on-demand,” similar to the way electrical power, natural gas, and water are delivered to homes and businesses from local municipal utilities.
Through virtualization of the hardware, cloud computing models are able to drive lower capital outlay requirements and increase the utilization and scale of the underlying infrastructure. Additional costs savings and operational efficiencies are gained through self-provisioning, management automation, and workload standardization.
Cloud Computing Service Models
NIST has defined three cloud computing service models that lay out the types of services end users can access on a cloud platform. The Software-as-a-Service (SaaS) model allows agency personnel to access applications through a thin client, web browser or program interface. The application is deployed on infrastructure that is owned and managed by the cloud service provider and is accessed by end users over a network. Common examples of SaaS product offerings include hosted email services, such as Gmail, and ERP/CRM applications, such as Workday and Salesforce.com.
By utilizing a Platform-as-a-Service (PaaS) offering, Federal agencies are able to quickly develop applications by purchasing access to development tools, databases, and other application development services that are hosted on the provider’s cloud infrastructure. For example, Microsoft’s Azure offering provides end users with tools to develop applications for mobile devices, websites, games, etc. Developers leverage application programming interfaces (APIs) and other tools available within the Azure environment.
Infrastructure-as-a-Service (IaaS) product offerings allow agency personnel to purchase on-demand access to compute and storage resources. End users are allocated virtualized access to the underlying hardware infrastructure, which is owned and operated by the cloud service provider, but maintains control over their operating system and software environment. An example of an IaaS product offering is the Amazon Web Services Elastic Compute (EC2) cloud.
Cloud Computing Deployment Models
NIST has also defined four cloud deployment models that lay out the nature of “how” a cloud is deployed and “who” is able to access resources on the cloud.
- A “private cloud” consists of infrastructure components that are operated exclusively for a single entity. A private cloud may be managed by the entity accessing the cloud or may be managed on behalf of the entity by a third party.
- A “public cloud” provides access to resources that are deployed on infrastructure that is generally accessible for public use and is typically multi-tenant in nature.
- A “community cloud” is a cloud that has been developed to serve the needs of a limited group of entities that share a common set of functions and objectives. While generally not accessible to the public, a community cloud does not conform to the single-tenant model associated with private cloud deployments. Rather, a community cloud shares some characteristic of both public and private clouds, allowing for multi-tenant access to the cloud infrastructure for similar “types” of organizations while restricting others from accessing them.
- Finally, a “hybrid cloud” is a cloud deployment that combines multiple cloud environments, often consisting of a mix of public, private, and/or community clouds, and often integrated with existing agency IT assets.
Cloud computing holds the potential for a significant paradigm shift in the way Federal agencies utilize IT infrastructure and services, with corresponding impact on how these agencies acquire such services. The current landscape of Federal IT is often characterized by duplicative resources, “stove-pipe” deployments, low utilization of assets, and complex management environments.
As stated in the Federal Cloud Computing Strategy, “Cloud computing has the potential to play a major part in addressing these inefficiencies and improving government service delivery.”
Indeed, “cloud computing holds tremendous potential to deliver value by increasing operational efficiencies and allowing agencies to respond faster to constituent needs.” (Ibid).
Additionally, cloud computing holds tremendous financial benefits for the Federal Government in terms of cost savings. Based upon budget estimates that were reported to the Office of Management and Budget (OMB), it is estimated that approximately $20 billion of the current $80 billion in Federal IT budget could be migrated to cloud-based solutions.
The Migration is Underway
As agencies migrate, they will likely utilize a combination of service and deployment models including SaaS, PaaS, and IaaS offerings deployed in public, private, and community clouds, as well as combining cloud resources into hybrid models.
Many potential solutions have already been developed by Federal agencies and commercial entities.
The Defense Information Systems Agency (DISA) is providing IaaS and PaaS services in a private cloud scenario to Department of Defense (DOD) end users through its Rapid Access Computing Environment (RACE). (Defense Information Systems Agency Rapid Access Computing Environment)
Amazon Web Services (AWS) has introduced GovCloud as an example of a community cloud focused on addressing the specific compliance requirements of the Federal Government.
GovCloud provides compliance to the Federal Information Security Management Act (FISMA) as well as an added a layer of permissions that restricts physical and logical access to U.S. Persons enabling users to process and store data covered by International Traffic in Arm Regulations (ITAR). (AWS GovCloud (US))
Indeed, the migration to cloud services is already occurring among a variety of Federal agencies, and the pace is only expected to increase. The U.S. Army recently allocated $250 million towards the development of its APC2 private cloud focused on achieving higher efficiency and greater flexibility. (USDA Moves to the Microsoft Cloud, Dec. 8, 2010, USDA News Release). The Army deployment will provide SaaS, PaaS and IaaS service options.
The General Services Administration (GSA) has allocated approximately $21 million to migrate many of its public-facing web properties including USA.gov and Data.gov to public cloud infrastructure. (GSA Moving USA.gov, Data.gov To Public Cloud, Jan. 25, 2012, InformationWeek Government)
Additionally, GSA is migrating its 17,000 users to a SaaS-based cloud email system utilizing Google’s Apps for Government. (GSA Becomes First Federal Agency to Move Email to the Cloud Agencywide, Dec. 1, 2010, GSA)
Similarly, the Department of the Interior (DOI) has announced plans to migrate all 88,000 of its employees to a cloud-based email and collaboration system and is actively soliciting vendors for potential solutions. (Interior rebids cloud email contract, Feb. 8, 2012, Nextgov)
In fact, according to GSA, 15 federal agencies have identified 950,000 email accounts across 100 disparate email systems that will be migrated to the cloud. (FedRAMP: Moving to Trust-Based Cloud Computing Security, Dec. 9, 2011, GSA Blog)
The U.S. Department of Agriculture (USDA) represents a significant portion of this overall count. In December 2010, USDA announced that it was on the verge of going live with a full migration of 120,000 users to a commercial cloud service developed by Microsoft and Dell offering Enterprise Messaging Services (EMS) supporting a variety of applications including email, web conferencing, collaboration, and instant messaging. (New details emerge on Army cloud initiative,” April 6, 2012, DEFENSESYSTEMS)
Despite the relatively modest start, the Federal government has stated that it expects cloud adoption to triple by 2013. Indeed, according to a study recently published by government market research firm INPUT, “Organizations are gun-shy about migrating capabilities—especially mission-critical capabilities—to ‘the cloud’. However, the convergence of tight budgets, aggressive market players, and increasing acceptance of the cloud computing model will fuel an uptick in demand for cloud computing.” (Evolution of the Cloud: The Future of Cloud Computing in Government, March 2009, GovWin)
Part 3: Leveraging FDCCI to Position Your Agency Within Cloud Hubs