Friday, August 13, 2010 - The Progress & Freedom Foundation Blog

Government Again Behind the Curve: Efforts to Implement Cloud Computing in the Public Sector

Gartner, a leading IT research firm, predicts that "by 2012, 80 percent of Fortune 1000 enterprises will pay for some cloud computing service, while 30 percent of them will pay for cloud computing infrastructure." But there's been far less progress in the public sector, according to recent report released by Vivek Kundra, Obama's Federal Chief Information Officer.

On July 21, Brookings' Center for Technology Innovation held an event called Moving to the Cloud: How the Public Sector Can Leverage the Power of Cloud Computing focused on how to improve the adoption of cloud computing in the public sector, including:

Much of the discussion revolved around a recent paper released by moderator Dr. Darrell M. West considering what must be done to improve federal computing. Although the Federal government spends $76 billion on information technology and $20 billion on hardware, software, and file servers each year, it spends little on cloud computing—which is unfortunate for taxpayers, because of the potential cost savings and efficiency gains from cloud computing.

The panel and West's paper suggested several positive steps that could be taken by government:

  1. There does not appear to be any expansion of government regulation, taxation or control over the cloud computing sector.
  2. The security concerns are real, but manageable.
  3. The private sector's embrace of the cloud highlights the benefits of cloud computing for the public sector.
  4. Privacy issues are not made any worse for those individuals who store data in the cloud.
  5. Over the long term, embracing cloud computing should lo.
  6. The measures being taken aim to empower those who use the cloud to make decisions rather than government bureaucrats.

Each panelist, as requested by Dr. West, presented the actions being taken by his/her respective agency to support the adoption of cloud computing in the public sector.

Dawn Leaf discussed how NIST is providing recommendations and guidance to federal agencies on how to implement the cloud. The NIST mission, in her view, mandates that the agency encourage collaboration between the public and private sector to develop standards, define cloud computing, and develop the Standards Acceleration to Jumpstart Adoption of Cloud Computing (SAJACC) program. Although NIST cannot commit to a completion date for standards, SAJACC is on schedule to be ready by the end of the year.

David McClure surveyed federal cloud computing initiatives being undertaken by the GSA. Because of its mission, GSA sees its role as making government use of technology "cheaper, faster, and greener" through the use of, and enabling government agencies to embrace the cloud. The characteristics, relative ease of mitigating risks, and benefits borne by those who use the cloud were all touted as reasons to adopt the cloud.

Katie Ratte discussed the advisory approach taken by the FTC to the emergence of cloud computing in the public and private spheres: the FTC does not back any specific technology but instead takes a flexible approach. The FTC roundtables on privacy issues have revealed the need to explore many of the same questions asked in other areas of technology policy, the impact of the cloud on citizens and businesses, and why so much discussion has turned back to the cloud.

There were four topics initially presented by Dr. West that reflected many of the questions asked by him and audience members: (1) government's inconsistency across computing platforms, (2) privacy rules and protections, (3) performance transparency, and (4) uniformity of standards.

Government's Inconsistency across Computing Platforms

There are different rules for different mediums (desktops, laptops, mobile devices and the cloud) and across branches of government, thereby creating vast inefficiencies across computing platforms that could be eliminated with the proper actions.

Privacy Rules and Protections

Judicial rulings have given users of cloud computing less privacy protections than other mediums, a situation in which it is unclear whether there should be any distinction. There are also two chief concerns intimately related to privacy issues being raised by Congress: security and data protection.

Performance Transparency

A great sense of public trust could be created if performance data was publically provided on reliability, security, recovery time, maintenance schedules, and data archiving. This would resolve the lack of understanding of cloud computing among the public.

Uniformity of Standards

A more uniform certification process would create efficiencies and significant economies of scale in the process of adopting and using cloud computing in the public sector.

In sum, despite government taking a fairly sensible approach to the adoption of cloud computing, there are certainly costs accrued by implementing and using these technologies. It remains to be seen whether government agencies will take the necessary actions to minimize the costs borne by implementing and using the cloud, as they face a different incentive structure than private industry.

If adoption of the cloud occurs as outlined here, government should be more efficient and cost-effective. Although usually slower than the private sector to adapt, generally speaking, the best measures are being taken in the most appropriate way for government to utilize this technology. The hope is that the cloud will have the same transformative effect on the public sector as it has had on private industry in a way that does not further burden the taxpayer or compromise the privacy of those who use it.

posted by Jeff Levy @ 10:40 AM | Cyber-Security , Innovation , Internet , Software