This week I'm in Washington, D.C., speaking at a government cloud computing event and also meeting with congressional staff and agency personnel to discuss their cloud computing plans and concerns. The discussions have been really fascinating, both for what they indicate about the Federal government's cloud plans as well as what they illustrate about its challenges. But, make no mistake, the government is serious about its interest in cloud computing.
I was really looking forward to the conference, not least because of a panel giving a "state of play" view of where the government is with its cloud plans. It has set up a cross-agency cloud steering committee headed by Casey Coleman, GSA CIO, who was on this panel. Prior to this panel, however, I attended another one that included Peter Tseronis of the Department of Energy, who also sits on the steering committee. He described the activities of the committee and noted that a number of subcommittees have been set up to examine issues like security, architecture, and so on.
During the question period, I asked when the just-announced apps.gov will include on-demand IaaS services (the GSA is currently evaluating RFP responses for these services). Tseronis said that, all things coming together, this will occur by end of this year.
[For timely cloud computing news and expert analysis, see CIO.com's Cloud Computing Drilldown section. ]
I made the point during my question that on-demand IaaS will likely drive a lot of interest and experimentation by government agencies, and thereby accelerate government adoption of cloud computing. One has only to look at how the easy availability of Amazon cloud computing has engendered experimentation and forced companies to begin more formal cloud computing initiatives to understand what apps.gov IaaS might precipitate.
Coleman's panel discussed the current status of various government cloud initiatives (including, of course, the GSA-led one). A very intriguing initiative is one being implemented by a shared service organization located in the Department of Interior. From my interpretation, the organization started as a typical consolidation effort, but has now morphed into a cloud-enabled shared infrastructure offering. It's very much a work in progress, but moving forward rapidly. One thing the speaker, Doug Bourgeois, emphasized is that his group works very hard with potential cloud customers to ensure they understand that applications running in the cloud environment retain responsibility for a portion of the overall security of the app.
This is an important point, because not everyone recognizes that using a cloud infrastructure does not (and cannot) transfer all risk to the provider; after all, the provider may not even be aware of the totality of the application, so expecting it to be responsible for overall application security is shortsighted.
The panel I was on discussed virtualization. What was interesting was how much (and how quickly) the discussion-and questions-turned to cloud computing. It's inevitable: once an organization begins harvesting the benefits of virtualization, it soon wants to drive toward streamlining administration, and inexorably that leads to questions regarding the feasibility of taking operations out of the deployment of virtual resources altogether and allowing application groups to self-provision.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.