WASHINGTON -- It may be a slow process, but the federal migration of government IT systems to the cloud is building steam, a panel of senior government officials said Wednesday here at the Brookings Institution, a prominent Washington think tank.
They described a thicket of issues impeding the shift to the cloud, particularly concerns over the security and privacy of sensitive data, as well as the cultural reluctance on the part of some CIOs and managers to embrace a technology they continue to view as longer on hype than promise.
But the payoffs could be significant, and the White House is leaning on the agencies to develop preliminary plans for shifting to the cloud. With a hulking federal computing infrastructure that amounts to a $76 billion annual budget, the cloud is beginning to win acceptance as the next wave of government IT, if only gradually.
"There's no question why we in the federal government are focusing on cloud computing -- lots of reasons that basically boil down to cheaper, faster, greener," said David McClure, associate administrator of the Office of Citizen Services and Communications at the General Services Administration.
"Thats essentially the power behind cloud computing," he said. "We're not doing it just for the heck of it."
At the same time, McClure noted that significant challenges remain. In addition to the security and privacy concerns that currently rank as the chief impediments, adoption of the cloud is further hindered by resistance among some senior IT managers, he said, noting the importance of education and training to explain the benefits of the new service-based mode of computing to get beyond the buzzword.
But defining what, exactly, cloud computing is remains a sticking point. The National Institute of Standards and Technology (NIST) is currently on the 15th revision of its official working definition of the term.
NIST, the division of the Commerce Department responsible for shepherding along the process of setting technical standards, is currently at work developing a common framework for the new wave of computing technologies.
Earlier this month, for instance, NIST issued a set of security guidelines for virtualization technologies, and later this year plans to release a preliminary document offering guidance on cloud computing.
Through its cloud-computing work, NIST plans to release an interim set of standards as a public Web portal to serve as an interim framework while the numerous stakeholders from industry, academia and government work through the more protracted and permanent standards-setting process.
"It takes time to build consensus," said Dawn Leaf, senior executive for cloud computing at NIST. "It takes time to have innovation in a new technology. It takes time to ensure that standards are of the quality and completeness such that they will support industry and requirements in the long term and be broadly adopted."
NIST's public portal for interim cloud standards is set to go live later this year. The portal is an outgrowth of NIST's project with the cumbersome name Standards Acceleration to Jumpstart Adoption of Cloud Computing, or SAJACC.
While the final definition of cloud computing remains a work in progress, officials have settled on several defining characteristics. Notably, cloud technologies are service-based, rather than being sold as individual products. They are elastic and scalable, generally available as a shared resource where usage can be metered, and they are made available over IP networks.
While those characteristics can help inform the conversation with federal IT managers, many remain skeptical of a technology that is still knocked for being heavier on hype than real savings in cost or efficiency.
"Whoever developed the cloud concept, I wish we could almost rename it," McClure said. "Because we are now so wrapped around the abstraction of cloud computing that it's starting to lose its ability to even communicate with diverse audiences on what cloud computing is."
To win the support of federal CIOs and their subordinates throughout the government IT hierarchy, cloud proponents need to demonstrate, as with any other technology undertaking, a real and tangible benefit.
"It remains an abstraction," McClure said. "We need to get down to the specifics as to what cloud computing really offers for us in the government compared to other computing approaches."
He also bemoaned the complex and lengthy procurement process that dogs government IT. In the interest of spurring deployment of the cloud, GSA has set up Apps.gov, an online storefront for cloud firms to promote their offerings to federal IT buyers.
Launched last September, Apps.gov has focused on lightweight software-as-a-service offerings. But later this year, McClure said it will expand to include more infrastructure-oriented cloud technologies, such as storage and virtualization solutions, where enterprises enjoy some of the largest cost savings.
"We've got to figure out how to simplify cloud acquisitions," McClure said.
One of the ways around the issues of security and control that make some businesses wary of cloud computing is to build a private cloud -- one that remains within the corporate firewall and is wholly controlled internally. Private clouds also increase the agility of IT an organization's IT infrastructure and make it easier to roll out new technology projects. Download this eBook to get the facts behind the private cloud and learn how your organization can get started.