Q&A: Why Government Agencies Are Finally Moving to the Cloud

Cloud computing is a popular architecture, and U.S. agencies are finally getting on board.

Cloud computing is a popular architecture, and U.S. agencies are finally getting on board. What’s driving the move, what applications are the first to be moved, and what cloud deployment models are most popular? For more about cloud and the government sector, we spoke with Jim Seaman, vice president of Sendmail’s federal division. Jim also drives Sendmail’s strategic cloud initiatives and alliances for the company.

Enterprise Strategies: What is it about cloud computing that has finally caught the attention and interest of the federal government?

Cost savings is the driver and the attention-getter when it comes to cloud computing in the federal government, as well as data center consolidation, which has a major impact on reducing the cost of delivering IT services. Over the past two years, the federal government has reduced the number of data centers by 137, from 2,094 to 1,957. One of the ways in which they’ve been able to achieve significant data-center consolidation is by outsourcing certain services to the cloud.

Some 950,000 e-mail boxes across 100 e-mail systems have been identified by 15 federal agencies to move to the cloud. Recently, the General Services Administration (GSA) released a $2.5 billion IDIQ procurement to consolidate government e-mail systems in the cloud. The mandatory services included e-mail-as-a-service, migration services and integration services; optional services included automation-as-a-service and management-as-a-service.

What trends do you see in moving government applications to the cloud?

Federal agencies will migrate applications low in security risk to the cloud and this trend will accelerate. The most common applications low in security risk that we will see migrated to the cloud are Web sites. The data served through a Web site is by its nature public, where organizations are motivated to share information. We will also see government agencies with similar application requirements pool resources together by leveraging a community cloud. These community clouds are sometimes referred to as a government cloud or also shared services.

Why is e-mail one of the first applications to be considered for the cloud?

Many believe that e-mail has become a commodity service and therefore a natural to migrate to the cloud. Adding to this perception is that Google, Yahoo, Microsoft, Amazon, and dozens of others have been offering free Web-based e-mail to the public for years, so if it’s free, it must be easy, right? Also, Microsoft and Google are putting tremendous priority and publicity into their cloud messaging solutions, and with that comes interest.

IT organizations are learning, however, that it is not as easy as it appears, especially for large organizations with complex messaging requirements. Examples include agencies with numerous applications and systems generating e-mail messages, complex address rewriting requirements, compliance and regulatory mandates, DLP, sophisticated encryption requirements, and multiple locations, divisions, and delegations of authority.

What should and shouldn't be moved to the cloud?

It all starts with ROI when considering what should and what shouldn’t be moved to the cloud. Great candidates are applications that are elastic in demand, where compute requirements vary greatly with periodic or seasonal swings. These are particularly expensive for organizations to manage because they must scale the infrastructure for peak demand which occurs only a small fraction of the time. These applications will have the highest ROI and therefore should be moved to the cloud.

Another obvious application is one where you want the information provided to the public, such as a Web site. The risk barrier is lower, making Web sites an obvious first application to consider.

Applications that should not be moved to the cloud are systems of record (the crown jewels) which usually have decades of customization and are truly mission critical. These are often mainframe based and would be very difficult to cost justify and also very difficult to duplicate their functionality in a cloud environment.

As far as e-mail infrastructure goes, the gateway security systems that filter inbound e-mail are the easiest to migrate to the cloud. Spam, virus, and malware filtering technologies have become commoditized, and there is minimal security risk in having a third-party outsource this functionality. Many consider this a security enhancement in fact, because the bad mail is kept external to the customer’s networks.

Some organizations are also looking at moving some of their on-premise e-mail boxes (mail stores) to the cloud. There is potentially a significant ROI for moving this layer of an e-mail infrastructure to the cloud, but there are more risks involved such as storing sensitive business information outside that respective organization’s secure internal network.

Which government agencies are being most aggressive moving applications to the cloud?

The Office of Management and Budget (OMB) is leading the charge with the federal CIO’s “cloud first” strategy. OMB has urged each civilian agency CIO to move three applications to the cloud by July of 2012. The General Services Administration (GSA), U.S. Department of Agriculture (USDA), NASA, and the Interior Department have been quite public with their cloud plans and projects, but all federal agencies are aggressively looking at it, and hundreds of applications have already been migrated to the cloud.

What types of cloud deployment models will be the most frequent in government so far, and in the future? Public, private, hybrid, community?

Private clouds, including “go-go” (government owned, government operated), “go-co” (government owned, contractor operated), and “co-co” (contractor owned, contractor operated). The second most frequent model will be community clouds, where a government agency runs private clouds for other government agencies, leveraging shared services. NASA’s Nebula is an example of this, and Congress, Department of Justice, GSA, and others are already engaging in these community clouds.

What products or services does Sendmail offer to help government agencies move to the cloud?

E-mail is often targeted as one of the first services to move to the cloud, but such a migration may not be an easy, straightforward process. Sendmail provides Global 2000 companies and government agencies the e-mail backbone infrastructure (“middleware”) required to move the commodity functions (such as virus and spam filtering) to the cloud.

An e-mail backbone is the core infrastructure that glues the on-premises departmental SMTP-based applications together, manages complex routing, encryption, directory synchronization, data loss prevention, and intelligent policy enforcement, as well as the layers of the infrastructure that are moved to the cloud. An e-mail backbone can be an enabler to large enterprises allowing them to reap the financial benefits of the cloud without compromising security, flexibility or site specific customization.

Must Read Articles