There's been much discussion around the efficiencies to be gained from cloud computing – shuttering data centers and streamlining operations – but little talk of the freezing effect this end goal can have on the federal IT workforce. Cloud computing efforts would see stakeholder buy in improve significantly if there was some assurance that personnel would be protected, says one National Oceanic and Atmospheric Administration IT executive.
Interoperability and portability remain largely unaddressed issues among cloud services. And until all cloud computing services can ensure clients' data is portable and interoperable, federal chief information officers need to think about how they can get out of their cloud contracts, said federal executives speaking Jan. 15 at the Federal Cloud Computing Summit in Washington, D.C.
The General Services Administration provided an update on how the Federal Risk and Authorization Management Program is meeting milestones and laid out new deadlines as part of a Dec. 16 press briefing and the release of the program's roadmap.
"There's been some confusion that FedRAMP is GSA, and FedRAMP is the JAB, but really FedRAMP is a program that is governmentwide in nature and has stakeholders across the government," said FedRAMP Director Matt Goodrich. A new plan aims to refocus the program on agency stakeholders and further spread the responsibility for authorizing cloud services.
Two and a half years in, the Federal Risk and Authorization Management Program, which aims to help agencies and departments more quickly and securely procure cloud services, is being adopted in pockets across the federal government, but not always correctly, say General Services Administration officials during a Dec. 16 press briefing.
The guidance essentially codifies certain actions that have already occurred. For example, in August, Amazon Web Services became the first authorized commercial cloud provider to host sensitive unclassified data for DoD.
Complex, non-standardized cloud computing service level agreements make comparing cloud offerings during procurement and ensuring proper execution once work is underway difficult for federal agencies and departments, said a Homeland Security Department Official.
Two years after the Defense Department released a strategy to implement cloud computing, several elements have still not been completed that could potentially result in lost cost savings, decreased effectiveness and lower security – findings that the department disagreed with, a Dec. 4 audit revealed.
Cloud computing technology is ready for the enterprise, but most agencies are not prepared at a policy level to most efficiently implement it, according to a whitepaper published Oct. 10 by the MITRE Corporation and the Advanced Technology Academic Research Center
A memo to be released next month will allow the military services to handle their own acquisition of cloud computing technology rather than requiring them to work through the Defense Information Systems Agency.