Cloud First
Consumer Guide
As the slow gazelle would tell you, lagging behind
the herd isn’t always the safest strategy.
®
Cloud First Consumer Guide
Weather Report
prove no more challenging than traditional IT
implementations. The benefits have outweighed any
frustrations, and as a result, the Cloud First agencies
have cheaper, more flexible, and more resilient IT.
Three years ago, OMB mandated a big shift –
directing agencies to identify and migrate three
“must move” services to the cloud in 18 months.
For the agencies that complied with the mandate,
what have they learned? What can Cloud First teach
agencies about going to the cloud and what is the
forecast moving forward? To answer these questions,
MeriTalk asked agencies:
Using a Beacon to Shed Light on Federal IT
What hurdles migration has presented and
whether the efforts have proved successful?
This MeriTalk Beacon report on the Federal Cloud
Computing Strategy is the second in a series of
reports designed to shed light and provide direction
on far-reaching issues in government and technology.
Since these reports are designed to tackle broad
concepts, each Beacon report relies on insight from
a group of expert Federal IT big thinkers on important
topics. Less Data. More insight. Real knowledge.
What types of vendors are yielding reliable results
in the cloud?
Who We Spoke To
Which information technology (IT) programs and
applications are going to the cloud and why?
If the move to the cloud is boosting efficiency or
providing other benefits?
What guidance and recommendations
can agencies offer now that they are well on
their way to the cloud?
MeriTalk interviewed 15 Federal government IT leaders
who have executed cloud migrations to learn about
their efforts, successes, and challenges. This report
summarizes those discussions and provides additional
insight on the lessons learned in the first Federal
cloud programs.
Their experiences – from their frustrations to their
successes – provide valuable insight for other agencies
as they take migration steps. Taken as a whole,
respondents indicate that most cloud implementations
Cloud First Consumers
Ben Bergersen
DOC
Walter Bigelow
ATF
Cheryl Cook
USDA
Bob Duffy
DHS
Kimberly Hancher
EEOC
Rick Holgate
ATF
Stan Kaczmarczyk
GSA
Daniel McCrae
NOAA
Matt Morris
DHS
Vaughn Noga
EPA
Sanjay Sardar
DOE
Jim Steven
USDA
Herb Strauss
SSA
Chaowei “Phil” Yang
NSF
Cloud Computing Exchange
2
www.meritalk.com/ccx
Shawn Kingsberry
RATB
Cloud First Consumer Guide
The Challenge of Change
The ESS II will replace DISA’s $700 million deal with
ViON Corp. in 2007.
Government IT isn’t easy, and getting that IT to
change is even less so. Because cloud involves a new
approach, even normal IT challenges become
“a problem with cloud,” potentially stalling change.
As a result, savvy change managers are often
reluctant to discuss their issues, stifling the
development of best practices.
For example, instances when an agency
walks away from a provider are few
and far between. Learning about deals
that go wrong, and why, is typically best
accomplished through word of mouth,
and even then anecdotal information
is about the best one can hope to
uncover. But in rare cases, failed
relationships make the news.
In July, the Department of Veterans Affairs (VA) canceled
its five-year, $36 million cloud-based enterprise
email contract with HP Enterprise Services. The two
sides signed that contract to move all 600,000 VA
employees to Microsoft’s government
At the Bureau of Alcohol,
community cloud email and calendar
Tobacco, Firearms and
services in November 2012.
Explosives (ATF), moving just
email to the cloud resulted in
savings of about $1 million
annually, according to Dr.
Rick Holgate, ATF Assistant
Director for Science and
Technology and CIO.
Cloud Computing – The
Bottom-Line Reality
Sequestration squeezed $85.4
billion from Federal budgets during
FY 2013, leaving agencies strapped
for cash to meet ever-growing
missions and mandates. Though
the Bipartisan Budget Act of 2013
will provide some relief for FY 2014 and FY 2015, that
relief will be neither sufficient nor lasting.
In November, the Defense Information
Systems Agency (DISA) again extended
its deadline to accept bids for the Enterprise Storage
Service II (ESS II) contract, worth up to $427 million.
Figure 1: Interview Response Word Cloud
Cloud Computing Exchange
3
www.meritalk.com/ccx
Cloud First Consumer Guide
resulted in savings of about $1 million annually,
according to Dr. Rick Holgate, ATF Assistant Director
for Science and Technology and CIO. Even better, the
agency needed to upgrade its email service anyway,
so migrating its email service to the cloud was a
“no brainer.”
Three years and numerous budget battles since Mr.
Kundra unveiled the Federal Cloud Computing Strategy,
it makes even more sense that the Federal government
embrace cloud computing as it searches for ways to
deliver greater value from each dollar. The research firm
IDC predicts Feds will spend an estimated $1.7 billion
on cloud services in FY 2014, and that by FY 2017,
that amount will grow to a sizable $7.7 billion – nearly
10 percent of Federal IT spending.
The Recovery Accountability and Transparency Board
(RATB), a non-partisan, non-political agency created
by the American Recovery and Reinvestment Act of
2009 (Recovery Act) to track the spending of ARRA
funds, migrated to Infrastructure as a Service (IaaS)
on a public cloud. That resulted in direct savings of
$854,800 in two years, according to Recovery Board
CIO, Shawn Kingsberry.
Still, many were initially skeptical about the potential
for cloud savings. For the government enterprise, many
opined, cloud would only be moderately cheaper, and
that savings would be offset by the cost of complicated
migration. With a number of migrations now complete,
however, there are clear examples of cloud’s positive
impact on the bottom-line.
Clearly, the promise of cloud computing is no longer
abstract – it’s real. But no two journeys are alike,
and the paths that each agency leader selects offer
valuable insight.
At the Bureau of Alcohol, Tobacco, Firearms and
Explosives (ATF), moving just email to the cloud
Dollars and “Sense”
Despite the clear potential for savings, the Federal Cloud Computing Strategy is about more than just saving
money. The Cloud First policy mandates that agencies take full advantage of cloud computing benefits “to
maximize capacity utilization, improve IT flexibility and responsiveness, and minimize cost.”
Though some agencies saw cloud as a way to reduce costs, some saw it as a way to enhance and improve
mission outcomes. In most cases, agencies saw IT cost savings. In some agencies, however, cloud delivered cost
savings plus a new level of agility in meeting mission demands.
Re liabilit y
NASA’s Office of the
Inspector General improved
the reliability and assurance
of its emergency messaging
system (EMS) via the cloud.
The agency’s provider has
locations throughout the
country, so if the East coast
has problems, NASA can
shift to a West coast office
Acc o u ntabilit y
Owing to the subscription
model, some agencies are
finding it easier to track
the number of users per
application, and therefore
the actual cost of using
IT services
Cloud Computing Exchange
4
Missio n Fo cus
Flexibility
RATB went straight to the
cloud, enabling it to meet
the obligations of Section
1526 of the Recovery Act
without the overhead of
managing a data center and
other computer equipment
Agencies are using
cloud to increase their
responsiveness to change
and user demands by
swapping capital investment
for operational expense
www.meritalk.com/ccx
Cloud First Consumer Guide
Paths to the Cloud: Cloud Why?
For the agencies that migrated, the Federal mandate and potential for cost savings created the primary drivers
for moving applications to the cloud.
DOJ
DHS
What
How
Website
Cloud Company
NASA
DOC
Why
Mandate
Messaging/
Collaboration
Cloud Offering
Cost Savings
RATB
Support
Application
Specialty Provider
Disaster Recovery
SSA
EEOC
USDA
Mission Application
Broker
Other
Mission Critical
SI
DOE
Figure 2: Cloud First – What/How/Why
capabilities than their existing on-premise
service – capabilities that would have been
difficult and costly to create in the existing
environment.
The mechanics of the mandate are direct, but the
cost savings opportunities came in two flavors:
Cheaper Operations: Savings, in the traditional
sense. On-premise operations cost X per year
and the cloud alternative costs X – (sizeable
percentage) during the same time period. This
variety of savings was prevalent among website
and IaaS cloud solutions
Again, few cloud journeys were exactly alike. As
noted above, NASA opted for cloud-based disaster
recovery to geographically expand its resilience
without paying for independent infrastructure. The
Department of Homeland Security (DHS) saw a
benefit to the “pay-as-you-go” model; current-year
payment rather than an investment-return scheme.
Cost Avoidance: Savings captured by avoiding
hardware, software, or services investment as
the result of a cloud migration. The National
Oceanic and Atmospheric Administration (NOAA),
for example, saw cloud delivery as an opportunity
to avoid managing or owning infrastructure for
mobile device management down the road.
Moving applications to the cloud also keeps
agencies in motion. Sanjay Sardar, CIO for FERC,
notes that cloud delivers a lot of capabilities in
disaster scenarios. Google email kept the agency
available (while still Congressionally compliant)
during the government shutdown.
In ATF’s case, the cloud email and collaboration
offering also came with much more robust
Cloud Computing Exchange
5
www.meritalk.com/ccx
Cloud First Consumer Guide
Applications to the Cloud: Cloud What?
Selecting the Approach and Vendor: Cloud How?
In many cases, agencies decided which
applications to move to the cloud based on the
path of least resistance.
Federal agencies are not without options when it
comes to selecting a cloud vendor. At present, there
are numerous and involved schemes for categorizing
computing offerings by service (e.g. IaaS, SaaS), offering
(e.g. messaging, collaboration, disaster recovery), and
role (e.g. aggregator, customizer, integrator). Gartner
alone curates some 40+ categories of cloud vendors.
Email and website hosting were the two primary
applications agencies moved to the cloud first. In
the simplest terms, those two applications represent
low-hanging fruit that agencies could easily move
from their own servers without mission risk.
When ATF moved email to the cloud, they opted
for a cloud-based offering that was similar to their
traditional Microsoft® Exchange environment.
That said, most Federal decision makers aren’t looking
for complex – they are looking for meaningfully simple.
To that end, MeriTalk has cut down the Cloud First cloud
offerings to five direct groups:
“When done right, email is pretty low risk. It also
scales well.”
– Daniel McCrae, NOAA
Beyond just the low-hanging fruit,
however, some agencies also moved
many other applications to the
cloud, beginning their migration with
applications that had a history of
success in the cloud. NOAA relied
on Google to move email and an
emergency messaging system to
the cloud. The switch lowered costs
and improved communication
agency-wide.
ATF, Department of Justice (DOJ),
and DHS moved their public
websites to the cloud, relying on
Amazon’s cloud service.
Private Plus
Cloud is not an on/off switch
between agencies and vendors, it
is a rheostat of delivery options.
USDA uses public cloud for
email, but also operates its own
internal private cloud strategically
augmented by vendor offerings.
Over time, private-plus savings
for USDA are significant – $75
MM in the first three years and
on track for goal-beating $200
MM in total savings.
The Equal Employment Opportunity
Commission (EEOC) moved multiple
applications to the cloud – Web conferencing,
IT management services, enterprise financial
management, and analytics applications – and used a
number of providers to get there.
Cloud Computing Exchange
Cloud Company: Vendors with
a core business that originated
with cloud-based offerings and
a stake in changing the delivery
of IT
Cloud Offering: Vendors
with a core business built on
traditional hardware and/or
software. These vendors have
cloud offerings in response to
cloud computing, but are often
split between traditional and
cloud-based delivery
Cloud Broker: Vendors
offering a range of cloudcompany and cloud-offering
solutions. Often resellers or
other service providers, cloud
brokers have little stake in
either delivery approach
Specialty: Vendors with a specialized technology
offering such that the approach to delivery (cloud vs.
traditional) is incidental to the offering
Systems Integrator (SI): Vendors with a core
business of building and installing solutions for
government agencies – primarily services offerings
6
www.meritalk.com/ccx
Cloud First Consumer Guide
Cloud First Consumer Guide
Few journeys go smoothly, but Feds who made the transition to the cloud described a valuable experience. They
also walked away with some firm opinions about the major players and the cloud customer experience in general.
Of those who graded their experience, all gave a score of seven or above.
To consolidate a report of the feedback from Federal cloud leaders in a meaningful way for other Federal IT
professionals, MeriTalk looked at the success and ease of the cloud implementation. For a positive rating, the
cloud-based solution needed to be at least as good as the traditional solution it replaced. The following table
summarizes the rating taxonomy:
Symbol
Success of Solution
Ease of Implementation
Excellent
Better than traditional implementation
Acceptable level of challenge
Good
At parity with the traditional implementation
Acceptable level of challenge
Marginal
At parity with the traditional implementation
Overly challenging
Unsatisfactory
Not as good as traditional delivery
--
Based upon the detailed responses from Federal cloud leaders and this rating taxonomy, MeriTalk assembled the
Cloud First Consumer Guide:
Cloud First Consumer Guide
Category
Cloud
Company
Cloud
Offering
Specialty
Provider
Web Hosting
N/A
Cloud
Broker
SI
N/A
Messaging/ Collaboration
Support Applications
Cloud Call Outs
“Very happy with Google
Apps ecosystem.”
– Daniel McCrae,
NOAA
“Would do 365 again.”
– Rick Holgate, ATF
“Very happy with
all providers at this
point – would rate 10.”
– Kim Hancher,
EEOC
Cloud Computing Exchange
7
www.meritalk.com/ccx
“We are extremely
satisfied with our cloud
migration. Satisfaction
rating of nine.”
– Shawn Kingsberry,
RATB
Cloud First Consumer Guide
Lessons Learned: The 30,000-Foot View
much it really costs you. Do a comparison to the cloud
offerings that are out there and make an informed
management decision. Speak to your peers. ” – Walter
Bigelow, ATF
Those who adopted early found they had a lot of work
to do. They also found multiple options in terms of
the path forward as they debated what to place in the
cloud and how to get there. And where was “there?”
What was the goal? They found that they had a lot
of questions, and not many examples to follow, since
few agencies had gone into these unchartered waters
before them.
3
Reality Check: Once you have
a technical and business case,
aggressively review it. Is it too optimistic?
Does it incorporate all of the potential
risks? Where are the most likely problems? Most
importantly, temper the expectations with your
experience. While the benefits are significant, none of the
respondents describe the transition as simple or easy
No maps, no pearls of wisdom, just a mandate to
move forward. Those who have gone through the
migration walked away with valuable lessons and have
useful advice for those who aren’t as far along in their
journey. Like their opinions about the major players,
their views on the experience also provide valuable
insights. Here is what they want you to know:
“Do the math, do the science, do the engineering.
Develop a real business case. Start with functional
requirements related to the mission. If the numbers
don’t make sense, don’t do it. You won’t see real
economies of scale or efficiencies, you will just be
checking off a box.” – Daniel McCrae, NOAA
1
Define Your Objectives: Many
agencies opted for cloud in direct
response to a specific mandate, and as
a result, their primary goal for making
the jump was simply compliance. This is necessary,
but not sufficient according to the Cloud First leaders.
Beyond just compliance, agencies need to specifically
outline their objectives for moving to the cloud in
clear, specific, and measurable terms
4
Manage the Procurers: Given the
technical and management challenges
associated with cloud solutions, Federal
IT professionals will need to manage the
procurement more explicitly. The time may come when
cloud offerings are a commodity, but this early in the
game, what you buy from whom can make a
big difference
“If we had defined our expectations when we started,
it would be easier to answer whether the benefits
from our cloud computing initiative were less than
or greater than expected.” – Daniel McCrae, Director
Services Delivery Division, NOAA
“Don’t bite off more than you can chew. It’s more
complicated than it sounds. Watch out for procurement
challenges.” – Matt Morris, DHS OCIO, Enterprise
System Development Office
2
Do The Math: Cloud is both a
technology and a management
challenge – both involve a deep look at
the numbers. Moving to the cloud needs
to make sense in hard, measurable terms, including
quality of service, mission enablement, cost savings,
and operational efficiency. If the numbers don’t make
sense, it’s probably not a math error
5
Expect Challenges: Do not
underestimate the challenge. Though
the Cloud First leaders bit off a lot of the
early issues, considerable challenges
remain. Do not expect your cloud implementation, no
matter how basic, to be fire-and-forget
“Know that the transition is going to be a significant
effort.” – Chaowei (Phil) Yang, Director, NSF
Spatiotemporal Innovation Center
“Take a good, long, hard look at the service you
are looking to move. Do a full legitimate audit of
that service so you know what’s involved – and how
Cloud Computing Exchange
8
www.meritalk.com/ccx
Cloud First Consumer Guide
Looking Ahead
Worth the Effort?
So what is the forecast for Federal cloud computing?
Many CIOs see clear and distinct advantages in their
cloud migration and are bullish that the slow but
steady momentum they’ve experienced to date
will continue.
A mountain on the horizon always seems taller than when
you are climbing it. Without question, there has been
enormous hype over the benefits of cloud computing. So
too, however, have the fear, uncertainty, and doubt about
off-premise computing been blown dramatically out of
proportion. The Federal cloud leaders MeriTalk spoke with
on and off the record report that their cloud migration has
been a resounding success, despite the usual hurdles
posed by a substantial IT project.
The future of Federal cloud computing is “very bright.
[Private industry is] investing billions and making the
offerings very attractive.” – Chaowei (Phil) Yang, NSF
By and large, the benefits have outweighed any
frustrations caused by those hurdles. And, as a result,
the Cloud First agencies have cheaper, more flexible, and
more resilient IT. Their leaders also have a better sense
of how to manage cloud migrations – experience that
will pay off down the road as they are able to take more
expensive and critical applications to the cloud to deliver
even greater benefits. Other Federal agencies will also
benefit from the experience of the first adopters.
“Moving ahead we have to move enterprise apps to
[the] cloud and will proceed more cautiously with moving
these only where it makes sense.” – Kim Hancher, EEOC
Morris, at DHS, wonders whether there aren’t some
changes that could be made to simplify the cloud
migration process for agencies. A brokerage model
that allows one representative to come to the table
with multiple providers could expedite the purchasing
process and make shopping and payment simpler for
agencies, he said.
Cloud First represents the tipping of the scale. The risks
of not going to the cloud may now well be higher and
more damaging than the risks of making the migration.
As the slow gazelle would tell you, lagging behind the
herd isn’t always the safest strategy.
Whither FedRAMP?
Whether due to program delays or other issues,
FedRAMP created neither benefits nor obstacles for
the Cloud First adopters. In most cases, they met
their security requirements through other means. As
FedRAMP hits its stride, however, it may increasingly
play a role in speeding adoption and removing
obstacles. “No effect to date,” summarized one
Federal executive, “but believe it will help in the future
because there will be more options, less review time,
and less security process involved once providers
are FedRAMP certified.
Cloud Computing Exchange
9
www.meritalk.com/ccx