Digital disruption spares no one, including the public sector. In fact, right now, the federal government. is trying its best to remain digitally relevant and play catch up by making the move to the cloud. Technically, the White House is already five years into this transformation plan, but federal CIOs are lagging behind because of a number of unforeseen challenges ranging from security concerns surrounding cloud-hosted data to complications with contracts.
With overall public-sector spending on the cloud up 72 percent since 2012 and projections expected to reach $6.5 billion by 2017, according to CIO.com, industry officials are calling on cloud vendors that are looking to do business with federal agencies to offer better solutions to cut through the government red tape. The biggest areas that need to be addressed are favorable service-level agreements, compliance, security, and cost.
The Sticky Service Level Agreement
It is up to vendors to ease the concerns of government buyers and, according to industry professional Stu Fleagle, vice president of government solutions at Carpathia, they can start by updating their Service Level Agreements (SLAs). He advises that government clients need more flexible agreements, allowing them to terminate the contract in the event that service isn’t up to federal standards or if they ultimately decide an application just isn’t the right fit.
The question of vendor lock-ins gives rise to other essential questions, such as who owns the data and mathematics used to create the analytics. Clear and concise language in agreements that illustrate expectations from the outset can bring clarity to relationships before confusion causes complications. To avoid finger-pointing later on if things don’t work out, service level agreements need to be on point and have contingencies for all possible scenarios.
Lack of Security and Up-to-Date Hardware
Another big concern of government IT decision-makers is security. While some think that the consequences of a data breach may be too severe to allow cloud-integration, Tony Scott, a U.S. CIO, disagrees. “I see the big cloud providers in the same way I see a bank,” he says in CIO. “They have the incentive, they have skills and abilities, and they have the motivation to do a much better job of security than any one company or any one organization can probably do… The better bet is get to the cloud as quick as you can because you’re guaranteed almost to have better security there than you will in any private thing you can do.” I agree. What do you think on this front?
Upgrading equipment is also a challenge. Legacy systems that government agencies are using, such as the one that the Rotary club had been using for the last 15 to 20 years, can make switching over to new hardware tough sell. However, maintaining many of these systems has become such a nightmare that it’s proving more cost-effective to overhaul and replace the systems rather than continue servicing them. Instead of the old cliché where you had CIOs trying to convince the CFO or CEO of the ROI of a hardware upgrade, it’s now the other way around.
Compliance has been another thorn in the side of progress because the Federal Risk and Authorization Management Program (FedRAMP), charged with managing security accreditations for public-sector cloud vendors, is broken. Agencies using cloud services are required by law to seek FedRAMP accreditation, even though the program is plagued by high costs and expenses as well as long wait times. In fact, a MeriTalk poll of 150 federal IT managers found that only 45 percent believes FedRAMP has improved cybersecurity, while 79 percent see it as nothing more than a frustrating and pointless step. Vendors that provide a headache-free experience and who are FedRAMP-ready will be in high demand.
Vendors would do best to remember that one size does not necessarily fit all, as Alan Boissy points out in CIO.
This type of customized service allows for better support of the product, and can even help to increase the relationship between public sector CIOs and cloud vendors for the long haul.