Innovation in Government: Transition to the Cloud by 1105 Media

SPONSORED CONTENT

GSA and DoD in particular are assembling a set of technical and acquisition tools to prepare agencies to adopt new cloud features and services. In an effort to increase agency cloud adoption, for example, GSA announced it is preparing groundwork for a cloud indefinite delivery, indefinite quantity (IDIQ) contract designed to serve as a “one-stop shop and an improved way to buy cloud” system and services for federal agencies. The timing seems right. GSA’s cloud infrastructure-as-aservice blanket purchase agreement has already expired, and its email-as-a-service BPA will expire in two years. This sets the stage for an omnibus-type contracting vehicle helping agencies avoid gaps in the provision of cloud services, including IaaS. This contract “will serve as a single procurement source for all things cloud, with flexibility so as to incorporate valuable cloud services and technologies that emerge over its lifecycle,” says Mary Davie, GSA assistant commissioner of the Office of Integrated Technology Services in a blog post. GSA also joined forces with the Defense Information Systems Agency (DISA) to vet the project. The two agencies have been able to identify more than 200 requirements and other desirable features that support DoD’s “rigorous security requirements and accommodate other buyers with similar needs.” Cloud-accelerating program tools are also in the works. GSA’s Office of Citizen Services and Innovative Technologies (OCSIT) wants to expand its cloud efforts by creating an “IT portfolio of cloud products” that can help agencies in their transition to the cloud. In an RFI on the plan, GSA said agencies still face obstacles to moving to the cloud, “including a long procurement process, unclear budgets and no insight into current legacy systems.” Agencies need a broad source of tools, platforms, and consulting help to do this right. “The OCSIT cloud portfolio

The CIA announces

DISA launches milCloud,

NIST publishes the

plans to transition IT services to commercial

a set of cloud services tailored to DoD

U.S. Government Cloud Computing Technology

cloud infrastructure.

customers.

Roadmap.

FEBRUARY 2013

MARCH 2014

OCTOBER 2014

2013 2014

has the opportunity to shine the light on this path for an agency customer to have a direct journey to the cloud,” according to a statement in the RFI. “No matter where an agency is on their journey to the cloud, OCSIT wants to be able to deliver a product or service that will help an agency get to the cloud faster, with less confusion, and no errors along the way.” To support developing a cloud portfolio, GSA has also undertaken a program—called “Cloud Special Item Number” (Cloud SIN)—to provide agencies with centralized access to cloud services through the federal government’s mammoth IT Schedule 70 acquisition contract. Using this tool, GSA customers can distinguish cloud services from non-cloud IT products and services in order to quickly arrive at the right solution. “The goal of the Cloud SIN is to provide customers centralized, streamlined access to cloud computing services through IT Schedule 70 to meet their eligible government, state, and local needs,” according to the Cloud Computer Program Management Office. That office has managed more than $450 million for dozens of cloud acquisition awards, either directly through its own cloud acquisition tools or by helping agencies direct their cloud orders to GSA IT Schedule 70 alone. Besides contracting and consulting support from GSA, government technology policymakers also moved early this year to strengthen the security of agency cloud investments. The Federal Risk and Authorization Management Program (FedRAMP) is readying draft baseline standards and requirements for cloud systems that warrant the highest levels of government information security, such as law enforcement, personal health and national security-related data. Together, these new tools and policies should give agencies latitude to deploy a range of cloud tools to support current business objectives and requirements.

The FedRAMP office releases a draft of a

GSA adds a Cloud

high impact baseline.

Special Item Number to IT Schedule 70.

JANUARY 2015

APRIL 2015

2015

GSA announces plans to develop a governmentwide IDIQ contract for cloud services.

JANUARY 2016

2016 3

T R A NSI T ION 2 016: NE X T-GE N CL OUD T OOL S SPONSORED CONTENT

HOW TO MAKE “AS A SERVICE” A REALITY The flexibility of the hybrid cloud eases an agency’s transition to an IT “as-a-service” business model.

WILLIAM ROWAN

VICE PRESIDENT FEDERAL, VMWARE

HERE ARE two factors fueling the

federal government’s drive to acquire capabilities through an as-a-service model. One factor is the reduced funding agencies are receiving from Congress. The other is the growing amount of funding legacy systems take up in maintenance and training. Buying new capabilities as a service helps agencies make budget-conscious moves that reduce dependence on legacy systems more quickly. The cloud is certainly the catalyst in this transition to the as-a-service model. Although the cloud has been around for a number of years, federal agencies still regard it with a degree of skepticism. Security remains the primary objection. The Office of Management and Budget’s Cloud First policy is likely to push any holdouts to the cloud as the current administration prepares for the January 2017 transition to a new one by closing out its initiatives like Cloud First. Fortunately, the path to as-a-service and cloud-first isn’t new. There are success stories and lessons learned throughout federal agencies. The vendor community that supports them does as well. As agencies innovate by buying as a service, VMware sees a couple of different shifts in the marketplace. Here are a few things government leaders should look for and consider when making decisions about cloud and as a service. Surely infrastructure as a service—the ability to get that compute and storage capability as a service—has become the most popular. It’s probably the simplest for government to tackle. Then there will be more software as a service, and then platform as a service, as agencies focus on how to design and build that next-generation application as a cloud service for their own use. A significant number of agencies have already built their own private or on-premises clouds as they embrace an as-a-service model to support their organizations. Those agencies

are also now starting to move to an off-premises model. Private clouds help agencies maintain control and visibility of critical applications, while public clouds provide capacity and scalable services on-demand. The next step, both in terms of evolution and capability, is the convergence of those models into a hybrid model. This provides agencies with the ability to bridge on-premises to offpremises. With a hybrid cloud model, agencies can increase service levels while driving down costs and improving security. A hybrid model helps agencies move applications and workload back and forth as needed. It also provides more flexibility for differing business models. As agencies compare this new way of delivering services to the way they’ve traditionally operated, the hybrid cloud environment will continue to evolve. Applications have historically been moved to the cloud, but now new solutions will be built with the understanding they’ll run on a cloud infrastructure. There will be more focus placed on defining the needs and desires relative to the application. This is the big shift that will be evident over the coming years. This shift includes not just assessing an application from the perspective of “will it run,” but also defining the procedures and processes by which the clients will consume this service. This could entail creating some type of charge-back or show-back model so agencies can accurately show who is using the services and the actual costs of delivered services. By presenting a business case in this way, agencies can be more productive and focus on the applications they need to achieve their mission, without having to worry about the supporting IT infrastructure. William Rowan is the Vice President Federal for VMware.

‘‘

GENIUS A hybrid cloud platform that’s

takes full advantage of the IT we have today.

’’

One CLOUD. Any APPLICATION. Any DEVICE.™

vmware.com/cloud

Available through Carahsoft Learn more: carahsoft.com/innovation/VMwarecloud

T R A NSI T ION 2 016: NE X T-GE N CL OUD T OOL S SPONSORED CONTENT

HOW AGENCIES CAN ADAPT AND INNOVATE

A mature cloud strategy provides agencies with a much greater ability to adapt to changes in technology and user demands.

R CARMEN KRUEGER

SENIOR VICE PRESIDENT, CLOUD OPERATIONS, SAP NATIONAL SECURITY SERVICES (SAP NS2 ) ®

EFLECTING ON the Cloud First policy unveiled six years ago, it’s clear most federal agencies are well underway in the execution of the vision to improve information technology delivery within the federal government as a whole. The continued maturation of the FedRAMP program has also facilitated the availability of more cloud offerings to help federal agencies realize the advantages of cloud computing. The business benefits of cloud computing are clear—increased agility, scalability, opportunities for collaboration, as well as sharing of common infrastructure and common services. As we accelerate into the IoT or “Internet of Things,” cloud computing will take an even more prominent role in our future IT architectures. Moving forward, what were once mere benefits will become absolutely essential. The cost, scale and collaboration opportunities of moving to the cloud are frequently cited and well understood. A less well-represented benefit is agility. As technology morphs and the demands on federal agencies increase, agility—the ability to move quickly and intelligently—is a must. How does a cloud help federal agencies become more agile? There are three aspects to consider: 1. Accelerating the pace of innovation delivery: In the cloud delivery model, DevOps enables virtualized environments where collaborative teams in different places can quickly and efficiently work together and test new applications and practice the notion of “test fast, fail fast, adjust fast” in ways that were previously impossible or cost-prohibitive. 2. Incremental transformation of business processes: Federal agencies need not transplant entire systems to tackle a critical

business process. This transformation can take one step at a time while minimizing any impact to existing IT infrastructure. 3. Expanding the art of possible: Agencies can develop innovative systems more rapidly using hybrid cloud environments, as well as public/private partnerships. The magnitude and speed of innovation is exponential. Agility is an expectation, not merely a nice-to-have. The benefits of the cloud cited are all intertwined. The key point is that both agility and innovation are important to consider as a measure in the overall analysis of any cloud-based project. While advances have been profound, the maturation of cloud computing in the federal government environment still faces considerable challenges. Agencies need to find new ways to address change management, new policies, and must continually assess the risk posture of the cloud against the agency’s proposed cloud use case. The good news is these are not insurmountable issues. Commercial entities have addressed similar challenges over the past six years. With a higher level of collaboration and trust between industry and government, there will be an increased ability to move beyond what is perceived to be “impossible.” In creating the level of trust and transparency required for success, industry and government will reach new and enhanced methods of communicating and working together. The FedRAMP program creates the foundation for a “trust but verify” framework. Nevertheless, to truly move forward, industry and government must discipline themselves and learn to lean in together. Carmen Krueger is the Senior Vice President, Cloud Operations, SAP National Security Services

THE CLOUD YOUR WAY – SECURELY The NS2™ Cloud provides a seamless customer journey to the cloud, enabling the organization’s specific policy requirements while delivering the benefits of the cloud. The NS2 Cloud couples the SAP NS2 Secure Support offering with Secure Infrastructure Support, as well as Secure Professional Services. The NS2™ Cloud accelerates the mission to achieve business outcomes. Deliver innovation without sacrificing security and compliance. NS2 employees are U.S. citizens, operating on U.S. soil. Our experience, ecosystem, and solutions will deliver your mission critical edge. SAPNS2.COM | 877-9-SAPNS2 (877-972-7672)

On-Premise to Cloud

Cloud to Cloud

SAP NS2 Secure Support SAP NS2 Secure Infrastructure Support SAP NS2 Secure Services

MISSION DELIVERY

NS2 TM CLOUD ASSURANCE, COMPLIANCE AND CERTIFICATION

INNOVATION, SPEED AND EFFICIENCY

Embrace the cloud with SAP NS2 solutions available through Carahsoft. LEARN MORE AT CARAHSOFT.COM/INNOVATION/SAPNS2CLOUD.

T R A NSI T ION 2 016: NE X T-GE N CL OUD T OOL S SPONSORED CONTENT

HOW TO EASE THE BURDEN OF LEGACY SYSTEMS An enterprise approach to cloud provides three key efficiencies that free up resources for modernization.

E BOB OSBORN

CHIEF TECHNOLOGY OFFICER, FEDERAL, SERVICENOW

NTERPRISE SERVICE delivery in government agencies lags behind the consumer technology world. Just look at the experience of getting a ride in a car, or booking a flight or hotel room. Uber notifies you what car will arrive, when, driven by whom, and then charges according to your preferences. Your favorite airline or hotel pushes information to you about your reservation. 2016 holds great promise for federal agencies when it comes to bridging the gap between the consumer world and the enterprise. And cloud computing is the key to making that happen. The chasm of expectation versus reality is no longer acceptable. While agencies are under pressure to modernize the user experience and roll out new services, they also face a stark reality. The government’s IT budget is nearly $80 billion, three-quarters of which is spent on operating and maintaining current systems. They can’t make the shift to the cloud while burdened with the expense and time of managing legacy systems. Moving to cloud computing is essential. As FITARA pushes agencies to modernize their approach to IT, enterprise-class cloud computing provides three key capabilities that can help deliver these greater efficiencies: 1. Efficient Infrastructure Management: Instead of focusing on managing infrastructure, applications and networks, agency executives can focus on delivering a modern, commercial-grade user experience. They can deliver information when it’s needed within the appropriate context. Enterpriseclass cloud service providers can help deliver previously unobtainable levels of visibility, security and accountability. It’s important to note this service model

can’t rely on the traditional cloud computing architecture of most consumer-facing apps. Enterprise-class apps require an enterprise-level cloud infrastructure to provide unprecedented high availability and performance. If a consumer cloud-based app such as Facebook goes down for a few hours, it’s a mere inconvenience. However, it’s unacceptable to lose an enterprise service delivering business critical capabilities, even if only briefly. The enterprise cloud provides 24/7 availability with no downtimes or outages, protects confidential information, and unifies multiple departments through a common service model. 2. Compelling User Experience: Federal agencies can duplicate the consumer-level user experience because the enterprise cloud provides the same ease of automation, workflow portals, presence and device awareness that define the consumer world. Automated notifications become part of that user experience. 3. “Service Awareness” to Connect All Divisions: The enterprise cloud’s platform orientation moves agencies away from siloed departments (such as HR, finance, facilities, IT) with distinct processes and systems. Now an enterprise-wide service delivery model can coordinate workflows across all departments while providing each with the visibility and control it requires. Government agency executives should consider moving from a traditional IT infrastructure to the enterprise cloud. Doing so will help them create a simpler and better user experience, while also relieving them of maintaining systems and apps in the datacenter. Bob Osborn is the Chief Technology Officer, Federal for ServiceNow.

Now, the entire enterprise manages... Facilities Cases Emergency Disasters Tax Resourcing Invoices Legal Documents Legal Requests Employee Onboarding Employee Offboarding

Performance Reviews Marketing Events Merchant Onboarding Mainframe Provisioning Password Resets IT Assets

Itâ&#x20AC;&#x2122;s time to transform the service experience for everyone in the enterprise. Stop relying on email and spreadsheets to route work through the business. Start automating everything as a service in the cloud to change the way people work. Embrace the cloud with ServiceNow solutions available through Carahsoft. Learn more at carahsoft.com/innovation/ServiceNowcloud

Field Technician Availability Field Maintenance

ServiceNow Service Automation Government Cloud Suite is FedRAMP JAB Certified

ÂŠ 2016 ServiceNow, Inc. All rights reserved. ServiceNow and the ServiceNow logo are registered trademarks of ServiceNow. All other brand and product names are trademarks or registered trademarks of their respective holders.

T R A NSI T ION 2 016: NE X T-GE N CL OUD T OOL S SPONSORED CONTENT

HOW TO ACHIEVE AGILITY

Agencies shifting to the hybrid cloud need to focus on information - not infrastructure.

G TOM KENNEDY

VICE PRESIDENT AND GENERAL MANAGER, VERITAS PUBLIC SECTOR

OVERNMENT AGENCIES

are moving quickly to modernize and transform their technology infrastructure and service delivery. Accelerating that shift means embracing the hybrid cloud to have workflows, data, and services flow seamlessly between private and public cloud infrastructures. This is essential for maximizing speed, flexibility, and agility. The hybrid cloud is experiencing the fastest growth rate of any cloud model, with 90 percent of enterprises pursuing a hybrid cloud solution within the next 12 months. However, that extra agility can come with some baggage—possibly higher costs, new risks, and less control. So agencies looking for extra IT agility need to answer one central question—how do they take advantage of the full promise and potential of the hybrid cloud platform without incurring the corresponding inefficiency, chaos, and risk? To truly gain the instant scalability, lower infrastructure costs, and freedom to innovate across on- and off-premises environments, agencies need to shift their focus from infrastructure to information. Embracing this shift means agencies need extra visibility to uncover, understand, and remediate the blind spots hybrid cloud environments often create as information moves across different platforms. It means agencies must keep all their applications and services healthy—and available—all the time. It means agencies need to protect, manage, and govern all the data flowing through the complex, multi-vendor hybrid environment. And it means agencies need to create a reliable way to monitor and maintain the efficiency of the complete hybrid cloud system. Hybrid cloud architectures are inevitably complex. They can quickly become difficult to manage and support. Predictable hybrid cloud services start with the ability to assess

and understand where the different pieces of the hybrid cloud infrastructure connect and interact. With nearly limitless potential combinations and interactions among multiservice, multi-vendor cloud and on-premises environments, government agencies need a way to accurately assess their total infrastructure. Remediating these blind spots and removing the weaknesses can help agencies manage all their data, application, and storage tiers across their entire hybrid cloud environment. This can reduce the risks of downtime, provide predictable service delivery, and ensure data is backed up and protected. It’s time to embrace the agility of the hybrid cloud. A unified point of control can transform that extra visibility into efficient, automated, and centralized management. Government agencies at all levels are realizing that goal. This combination of deep visibility and centralized control helps agencies harness the power of their information. They can quickly recover services and applications when they go down, store data where it makes the most sense, embrace cost-effective data protection models, and defensibly delete worthless data. “Always on” value means government agencies benefit from creative deployments of existing applications, combined with a sound strategy for executing emerging capabilities. Embracing agility means replacing chaos, risk and inefficiency with the freedom to innovate. This way, government agencies can conquer that triple threat by building visibility, management, security, and governance into every part of the hybrid cloud infrastructure. Embrace the hybrid cloud revolution and accelerate your agency’s cloud adoption plans with confidence. Tom Kennedy is the Vice President and General Manager, Veritas Public Sector

It’s time for true visibility. IT’S TIME FOR VERITAS. Veritas delivers visibility and management over data, applications, and storage tiers. Reduce the risk of downtime, simplify recoverability, ensure predictable service-level delivery, and accelerate the implementation of hybrid-cloud services with Veritas solutions. Read the latest research on the State of the Hybrid Cloud at veritas.com/hybrid-cloud-report

IS YOUR DATA WORKING IN THE CLOUD? OR IS IT LOST IN THE FOG?

T R A NSI T ION 2 016: NE X T-GE N CL OUD T OOL S SPONSORED CONTENT

HOW TO EMPOWER DIGITAL GOVERNMENT For optimal agility, it’s imperative that government agencies adopt a hybrid cloud strategy.

M BRETTON STAFFORD PRINCIPAL, OFFICE OF THE FEDERATION, EMC

ANY IN THE FEDERAL IT

community, including federal CIO Tony Scott, believe they have an opportunity to “seize the moment.” They have a chance to leverage the Federal IT Acquisition Reform Act (FITARA) and reimagine government technology to realize the benefits of a digital government, but struggle with where to start. Organizations that do not leverage the cloud risk becoming irrelevant in a digitally transformed world. In some cases, federal agencies are focusing efforts on the wrong goals. For example, merely counting applications, servers, and data centers provides a simple but only marginally useful metric. Federal IT leaders should instead be measuring the impact of IT on delivering mission requirements, innovations that lead to higher citizen satisfaction, and the efficiency of their data centers. Federal CIOs need to take advantage of their new FITARA authority and leverage lessons learned from commercial counterparts to accelerate cloud implementation in 2016. While federal CIOs and CTOs agree progress means embracing the cloud, they say their greatest challenges are determining which applications to move, how much it will cost, and having enough information about their current environment to select the right platform for both required legacy systems and new cloud native capabilities — private, public, or hybrid. Agility is equally important. CIOs must have the ability to move applications between cloud hosting options or back on-premises when business, mission or security requirements change. Legacy applications can run more efficiently in the cloud, but they require different cloud architecture than new mobile or cloud native applications. IT executives should look for a proven decision framework capable of mapping applications to business/mission processes, objectively determining cloud suitability, and assessing federal information

assurance and security requirements for each workload. That will help lead them to the right balance of public and private cloud. The right hybrid cloud mix will move agencies down the field toward a digital government future. But what will this future digital government look like? A new study from IDG Research Services explains “digital business,” or in this case “digital government,” will improve customer experience, introduce more data-driven processes like predictive analytics, and maximize transparency into how data is being used and secured. The hybrid cloud lays the foundation for this digital transformation by automating routine tasks and offering self-service access and control of their choice of cloud. The result is improved scalability, availability, and utilization of IT resources, which translates into savings. The IDG study finds 96 percent of the more than 900 global IT leaders with hybrid cloud initiatives say these initiatives are delivering measurable results, increasing innovation (82 percent), and enabling real-time decisions (81 percent). The IDG data also shows a direct correlation between hybrid cloud computing and digital business success. Eighty-eight percent report hybrid cloud is an important digital business enabler and 73 percent agree hybrid cloud models create a path toward digital business. The majority of respondents stated applications and systems that provide differentiated capabilities were hosted in a private cloud, and all generic workloads were hosted in a public cloud. While these IT leaders are empowering new digital capabilities, they are also reducing IT costs—on average by 24 percent with hybrid cloud. The business of government is digitizing, and hybrid cloud will be a key enabler to faster, more efficient, more citizen-centric services. Bretton Stafford is a Principal in the Office of the Federation at EMC.

REDEFINE HYBRID CLOUD Embrace the cloud with EMC solutions available through Carahsoft. Learn more carahsoft.com/innovation/EMCcloud

T R A NSI T ION 2 016: NE X T-GE N CL OUD T OOL S SPONSORED CONTENT

HOW TO DRIVE DIGITAL GOVERNMENT Transform your agency by transitioning entire workflows to the cloud.

BARRY LEFFEW

VICE PRESIDENT PUBLIC SECTOR, ADOBE SYSTEMS INC.

HE REAL POWER of the cloud

lies in the maturity of the technology within an agency. For many agencies, cloud technology is often viewed as an infrastructure play—the ability to reduce capital expenditures while improving scalability and uptime. Infrastructure-as-a-Service (IaaS) technology becomes a clear value driver in agency IT portfolios. Over time, the IaaS technology delivers distinct benefits in the areas of reliability, scalability and global availability, but those benefits are often limited because they are bound to the infrastructure. The true magic happens when agencies layer Platform-as-a-Service (PaaS) or Software-as-a-Service (SaaS) components on top of the IaaS. This is the point at which cloud maturation happens. When an agency matures its approach to cloud technology, greater benefits can be realized. The manner in which content is created, managed, delivered and measured begins to change, and operational tempo naturally increases. Content becomes more secure, regardless of device or location. Organizations become more agile as people, processes and technology mirror the cloud and evolve to support a service model. At this point, continuous deployment also becomes a reality. And by adding a Managed Services approach to the portfolio, agency benefits continue to grow as the challenges and complexities of cloud management are removed. The service provider continuously delivers ongoing updates and services up the entire technology stack and across all workflows throughout the agency. There are four considerations to ensure your agency can take advantage of cloud maturity: 1. Speed Matters: The sooner you can adopt cloud solutions into your agency, the sooner you are able to mature. It doesn’t have to be all at once.

Surgical pilots that deliver proof-of-concept can help an agency mature its approach. Also consider that managed services implementations can take less than two weeks. 2. Start Layering Clouds Over Workflows: Get beyond the “single cloud, single application.” Moving standalone applications can be beneficial, but won’t transform your agency. Neither will cloud storage. To achieve the benefits associated with cloud maturity, you have to transition entire workflows. Transitioning elearning workflows is a great place to start. 3. Secure at the Content Level: FedRAMP provides a standard approach for assessing and monitoring security, but agencies need more. Beyond a firewall or perimeter security, agencies need to secure data in a way that supports multiple workflows, multiple networks, multi-factor authentication, multiple devices and multiple users. Agencies have had great success with user-based security technology such as Digital Rights Management (DRM), which persistently encrypts and protects sensitive information wherever it goes. Applying DRM to cloud-based documents can ensure its security at all stages of the data lifecycle. 4. Geographic Redundancy Is Important: Environmental, geographical and even political factors affect uptime and cloud data center reliability. Consider the “Snowzilla” storm earlier this winter—both the weather and cloud usage spike had negative impacts in the Northern Virginia area, through which 70 percent of the world’s Internet traffic flows. Cloud vendors with geographic redundancy nimbly managed both the physical and digital storm. The cloud is delivering great benefit to government agencies. With greater maturity, it can catapult your agency to new levels of performance, agility and security. Barry Leffew is the Vice President Public Sector for Adobe Systems Inc.

Make public services more personal. Create better customer experiences with Adobe cloud solutions for government.

1-877-99ADOBE Embrace the cloud with Adobe solutions available through Carahsoft. Learn more at: carahsoft.com/innovation/AdobeCloud. /AdobeGov

Adobe and the Adobe logo are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or other countries. All other trademarks are the property of their respective owners. ÂŠ 2016 Adobe Systems Incorporated. All rights reserved. 2/16

@AdobeGov

T R A NSI T ION 2 016: NE X T-GE N CL OUD T OOL S SPONSORED CONTENT

Executive Viewpoint

ONE-ON-ONE WITH RICHARD MCKINNEY Department of Transportation’s CIO talks about DoT’s move to the cloud.

RICHARD MCKINNEY CHIEF INFORMATION OFFICER, DEPARTMENT OF TRANSPORTATION

The Congressional authors of the Federal Information Technology Acquisition Reform Act (FITARA) intended for agencies to have more latitude to utilize cloud technology to save money and modernize agency applications. Richard McKinney, Chief Information Officer at the Department of Transportation, has received high praise from one of the authors of that legislation, Rep. Gerry Connolly (D-VA). Connolly believes McKinney “really gets” the convergence of policy and technology to spark innovation and cost savings in the federal government. McKinney sat down with federal government expert and journalist Francis Rose to talk about DoT’s cloud transition. Rose: What is the Transportation Department’s assessment of its current systems and transition to the cloud? McKinney: We’re in the middle of transitioning our entire mail and messaging platform to a shared, government-only cloud environment. We’ve got the messaging side of it operative, and we’re working on the planning for the launch of the mail store and the mail boxes, which will probably take place over the next couple months. Rose: What is your sense of what the next steps will be? McKinney: The storage side is easier than the compute side, so I think that’s where our next focus will be. We’ll also, at some point, begin to move into the compute side as well. I think all of us are looking at what [businesses] we can get out of. If we’re going to do it locally and on our own, we have all the accompanying infrastructure underneath it. If we can find good, reliable, secure shared service providers, it simplifies our lives. I told you we moved our e-mail to the cloud. Now my whole e-mail system automatically

has redundancy. I don’t have to think about whether I have a mail store. I don’t have to build the platform it rides on. By moving to the cloud, I no longer have to worry about standing up all that infrastructure and providing all that underpinning. Rose: Do you still hear hesitations or objections among your colleagues about moving to the cloud? McKinney: What I sense is a real excitement about the possibilities. Everybody wants to be cautious because you want to be sure that you move into a service that’s going to be secure and reliable. We tend to think that we work hard to make sure the infrastructure we provide for ourselves is reliable and secure. If you’re going to pick that up and move it to the cloud, you want to feel equally as confident that what you are transitioning to the cloud is going to be well managed and secure. You also have to keep your options open. You don’t want to move something to the cloud and have it be a dead-end street. You want to be able to port that service to another provider down the road if somebody comes along with a better solution or a better shared service. What I feel is we’re all very much chomping at the bit to identify these reliable service providers and take advantage of them. Rose: Are some of the tools that you need to effectively make cloud transitions and as-a-service transitions included in the FITARA? McKinney: FITARA is an important piece of the puzzle. I’m trying to use FITARA to get total transparency through the department about how we spend our money. As I better understand that, I believe I’m going to find more opportunities to bundle up the needs of all the various operating administrations and

T R A NSI T ION 2 016: NE X T-GE N CL OUD T OOL S SPONSORED CONTENT

move a particular set of needs to a shared service provider. Rose: Are there some best practices that the government has prepared for transitioning from legacy to modern apps and the cloud? McKinney: I’m sort of creating as I go along. That’s the honest answer. I think it is case-by-case because each app is unique. They have unique histories and were often built slowly over a period of time. We begin with understanding it, and the requirements it’s met. Rose: When you do a transition like your mail and messaging, how do you assess the success? McKinney: The day we transition over, if the users are saying, “I didn’t know anything happened,” that’ll be successful. But I also know transitioning to this new solution is going to bring new capabilities. What I’m looking for is the user saying, “These new tools are really great. They’re making our job easier and improving our ability to stay in contact with one another,” which is especially important in a department like the DoT that has people all over the United States. Rose: How are you tackling moving legacy systems—especially the most entrenched systems that are so important to meeting the day-to-day mission requirements of the agency? McKinney: It’s funny that you bring that up, because I was at a meeting recently with one of my operating administrators. We were doing a deep dive into a legacy application, going through it and figuring out what it was going to take to be able to approach the marketplace and modernize this application. There are obviously a lot of thorny issues that come along with those legacy apps. There’s a big emphasis now coming from (Federal CIO) Tony Scott and OMB to inventory and understand your legacy applications, and begin to put road

maps together to bring those applications into the 21st century. I came out of that meeting very encouraged that we’re going to be able to do that. Rose: As you go through that review process, do you ever run across situations where you see an opportunity to use a commercial offthe-shelf (COTS) product? McKinney: I assume we’ll probably run into some where there’s a commercial solution that covers it. A lot of these legacy apps are legacy because of the unique business need they were built to address. For most of the replacements, it’s going to be a development effort on a modern cloudbased platform. Rose: Is there a better way for industry to convey to you that they’re able and ready to serve the government’s needs? Or is it as simple as “we’re FedRAMP certified, so we’re approved by the government and good to go?” McKinney: That goes a long way. A vendor that runs the gauntlet of FedRAMP is obviously serious. It shows that they understand the unique requirements of the government. I think that signals to us that they’ve made a huge commitment to the cloud. Rose: Are you seeing the spectrum of opportunities for shared services that you’d like to see? Some IT professionals in government believe the administration is really pushing shared services, but there’s not as big a menu of choices as some folks would like. McKinney: I think that’s true. There’s an effort underway right now, in the form of a shared services group. I participated in a meeting recently where they’re going through and asking all the departments, “What do you do internally as a shared service? Where are you a provider of a

shared service? Where are you a consumer of a shared service?” I think there’s an effort to try to map out the shared service offerings across the federal government, and then put together a more robust menu of possibilities. Rose: It sounds to me like that shared services road map could really be a transformational tool for everybody across government to have visibility into who’s doing what, and where you can piggyback onto what one of your colleagues is doing someplace else. McKinney: The Office of Management and Budget is making a very concerted effort to champion that issue and bring all these shared services up to where everybody can see them. Then we can pick and choose, and figure out what’s a good match for our businesses, and what we can let go of. Rose: What’s your sense of the right balance between OMB guiding you and your colleagues through this process, helping you, and providing tools to you and your colleagues, and a more stringent, top-down transformation? I’m not suggesting OMB is doing the latter, just curious about how to strike that balance. McKinney: I believe that OMB has a role to press us, and to insist that we show them how we’re moving in this direction. I don’t take that as pressure. I accept it for what it is. They’ve got a job to do. They’re trying to get the most bang for the buck out of the budget, and clearly moving toward shared services is a way for us to eliminate some of our duplicative costs. In these times of tight budgets, I fully expect that would be a focus of theirs, and that they would be prodding us to move in that direction.

This interview continues at carahsoft.com/innovation/ cloud 17