Government Moves Toward Cloud Computing 'Perfect Storm'
As FedRAMP initiative ramps up, cloud service providers can look forward to clearer guidance from federal clients and a robust market as administration tech chiefs press on toward a 'Perfect Storm' in cloud computing.
Thu, February 16, 2012
CIO — WASHINGTON -- Amid mounting budget pressures and a maturing set of technologies, the federal government is poised for the rapid adoption of cloud computing services over the next several years, according to one of the senior agency leaders helping craft a government-wide cloud strategy.
While federal tech chiefs have long envisioned an environment in which agency storage and applications are hosted and shared throughout the government, the policy reforms required for such a shift, though still very much a work in progress, have recently come into focus and figure to precipitate a major migration to the cloud over the next several years, said David McClure, the associate administrator of the General Services Administration's Office Citizen Services and Innovative Technologies.
Perfect Storm Clouds"We've been trying with this on and off for the last couple decades," McClure said in remarks here at the Software and Information Industry Association's annual Cloud/Gov conference.
"I think we now have a perfect storm. We have a budget crisis, a new wave of technology that's actually entered in [to the government]. We have a new generation of CIO and IT leadership in the federal government that I think is very open to this kind of environment," he said.
McClure is one of the driving forces behind FedRAMP, the federal government's program to develop a uniform framework for federal cloud solutions, spanning the security, assessment, privacy and procurement considerations of the new deployments. FedRAMP, with its "do once, use many times" mantra, is currently in the prelaunch phase, with the initial, "phased rollout" scheduled to begin in June.
"We have to do it in stages and we have to test this as we go," he said. "We will use some of the initial time to kick the tires."
Several government bodies in addition to GSA are collaborating to develop the FedRAMP program, including the Departments of Defense and Homeland Security, the CIO Council and the National Institute of Standards and Technologies (NIST).
McClure explained that developing a common set of controls for cloud services across the departments and agencies is FedRAMP's most immediate priority, though the leaders of the initiative are not seeking to rewrite the security standards stipulated by NIST and the Federal Information Security Management Act (FISMA). Instead, the FedRAMP program aims to rectify the current situation McClure described that has seen each agency contort those standards to suit its own ends, achieving compliance while falling short of the spirit of the common IT security framework that NIST and FISMA attempted to create.