The Defense Department faces pressure — as do all federal agencies — to reduce information-technology spending and increase resource efficiency through cloud computing.
In July, the department unveiled its ambitious new cloud computing strategy, which builds on a similar Obama administration strategy to address challenges, requirements and goals specific to Defense.
The strategy serves as a roadmap to guide the department’s transition to cloud computing — a task of Herculean proportions, particularly in light of its many component organizations. The new cloud strategy “introduces an approach to move the department from the current state of a duplicative, cumbersome and costly set of application silos to an end state,” according to the strategy. The goal will be an “agile, secure and cost-effective service environment that can rapidly respond to changing mission needs.”
This new strategy includes notable efforts to establish effective governance over the department’s cloud initiatives. It calls for the establishment of an Enterprise Cloud Broker to manage the use, performance and delivery of cloud services, while also negotiating the relationships between cloud providers and cloud consumers. In addition, the Defense Department’s chief information officer will establish a joint enterprise cloud computing governance structure to drive the necessary policy and process changes and ensure an enterprise-first approach to adoption.
In establishing these two governance structures, the department laid the foundation for success. Private sector organizations that have built and implemented cloud strategies for themselves, and for their government customers, understand that governance is the single most important element in successful cloud transitions of any size and scope.
However, without understanding each and every agency function, any cloud migration can fail to realize the expected savings and efficiencies. This is where cloud-computing governance comes in.
Governance is the traffic-control system that keeps the transition to the cloud, and the resulting service-based environment, moving smoothly. If governance is too loose, the system devolves into chaos. If governance is too constricting, progress slows to a crawl.
Generally speaking, governance keeps all parties on task by interpreting and adhering to the same set of standards. For a successful transition to the cloud, effective governance should:
• Set uniform standards and ensure that all departments and entities use the same lexicon.
• Identify key challenges to address and prioritize organizations and applications in terms of their readiness to move to the cloud.
• Provide the framework of metrics, measurement and output that define, guide and evaluate the move from direct control to service-based delivery — the heart of the cloud transition.
Effective governance takes a broad view of the entire cloud process to exponentially increase the probability of success for the Defense Department and any other government agency. Ineffective governance, on the other hand, often fails to address the service-based aspect of cloud computing and focuses instead on individual applications. This results in poorly executed cloud strategies full of holes, patches and add-ons that negate the potential gains of the cloud, which is the reason Defense and other agencies elected to move to the cloud in the first place.
The department has already appointed the Defense Information Systems Agency (DISA) as the cloud broker tasked with oversight of all cloud purchases. According to a July memo from the Chief Information Officer Teri Takai, “the broker provides an organizational focus point to consolidate cloud service demand at an enterprise level, and negotiate for the best service usage rates across the DoD” and will help it “tailor the availability and delivery of cloud services based on technical and mission requirements.”
The department can lean on the governance model Information Technology Infrastructure Library (ITIL) to help answer potential questions that will come as a result of transition. This governance is the standard to follow in IT service management. Therefore, it has direct applicability to any and all cloud migrations. It has the structure, the lexicon, the questions and the measurements needed for a governance framework for migration to service-based delivery. It can save the department from reinventing something that can already be applied and leverage the investments its components or industry have made in ITIL certification and training.
As leaders put in place the joint enterprise cloud computing governance structure and carve out a role for the Enterprise Cloud Broker, they will have numerous resources to guide their transition. Industry and other federal agencies have case studies and best practices that can guide them with planning and implementation. Defense has an opportunity to build on the following lessons learned from previous cloud transitions in industry and government.
It should first give the Enterprise Cloud Broker a strong role in assisting agencies. As the cloud broker, DISA should become the trusted advisor for the myriad department components involved in the new cloud computing strategy. Yes, the broker should provide Defense with cloud providers for consideration, but the role goes beyond that. Along with answering questions and supporting cloud governance, DISA must serve as a neutral third party that pursues and identifies additional opportunities to create a stronger, more economical cloud.
The Defense Department should also coordinate the transition to a cloud services model with concurrent efforts to consolidate data centers. Many organizations incorrectly assume that data center consolidation should, by definition, smooth the way for their migration to cloud computing. In fact, data center consolidations that fail to consider cloud computing can make that migration more complicated and more costly. Only by coordinating consolidation and migration can the Defense Department avoid the time and expense involved in breaking down a brand-new, consolidated architecture in order to build a solution that allows a seamless move to the cloud.
The department needs to also develop clear service level agreements and corresponding metrics to ensure performance. Cloud governance should recognize that every decision affects the entire cloud migration. The agreements and metrics should set the bar by recognizing and supporting the intersections of key components such as reliability, availability, survivability, storage, network capabilities and more. Effective governance approaches to service level agreements and metrics with the big picture in mind ensure that all components are in agreement before the migration to cloud computing begins.
There must also be an understanding of the interdependence of applications. The interdependence of applications is a complex web of connections between functions, applications and interfaces. No application or function truly stands alone. Governance should map out each system before it moves to the cloud to identify possible challenges. For example, what else does this application touch? What does it capture? Where does it report? By mapping out connections and intersections across every application, governance ensures that the new cloud robustly supports every function without leaving behind any links during transition.
The Defense Department should also understand the interdependence of organizations. For such a vast organization, governance should take care to understand the interdependency amongst other organizations. Imagine personnel’s paychecks: The department regularly interacts with the Social Security Administration and the Office of Personnel Management. Governance should examine any function or application moving to the cloud in terms of how it affects interactions with other agencies and organizations.
Governance is the overarching principle that unites IT and the mission to ensure that the Defense Department is able to execute the transition. Many transition strategies fail because they try to build a structure or processes based on how organizations should work instead of working within the existing governance structures.
A successful cloud transition offers numerous rewards for the department and the military. It reduces IT costs, increases operational efficiencies, secures access to mission-critical data and services anywhere in the world and gives personnel greater mobility and improved mission effectiveness. The transition will be a complex endeavor for an enterprise as large, diverse and geographically dispersed as the Defense Department. A strong and steady governance will help it navigate the cultural, regulatory and policy landscape, as well as coordinate and align the technical pieces.
By applying lessons learned from past cloud transitions across industry and government, officials can build on their cloud strategy’s strong foundation to achieve an enterprise-first cloud environment. John Lambeth is a senior vice president and the chief information officer for QinetiQ North America. Keith Rhodes is the chief technology officer for QinetiQ North America’s Services and Solutions business unit.Photo Credit: iStockphoto