And now we wrap up our conversation about NASA’s JPL moving toward cloud computing.
In our final segment with guests Tom Soderstrom, IT CTO at NASA JPL and Khawaja Shams, senior solution architect at NASA JPL, they give us their final thoughts on the benefits of cloud.
TS: I would say there’s a couple of [benefits]. One is, in our industry we look at something we call the technology readiness level. It starts very early with an abstract idea — level 1 — and then when it’s operational, it becomes level 9. Now . . . we’re thinking about the cloud readiness level, so we’re getting JPL up the curve on this cloud readiness level, and we [had] a JPL cloud day — the first in a series. . . . Our overall goal is to run an application and the storage and the computing wherever it’s most appropriate.
So, the cloud for us gives us a new avenue, a new tier of options.
We’ll have our internal data centers with private clouds, we’ll use [a] community cloud . . . And then the ultimate goal is to [use] a public cloud. We have data in Amazon and Microsoft. We also have data in Google’s cloud.
To do that, we need some kind of cloud brokering, and we went out to industry and tried to buy it, frankly, but it doesn’t exist yet, so we’re creating it. We call it the Cloud Application Suitability Matrix — CASM — and that’s the set of questions that gives a score and assesses in which cloud this particular application is the most suitable to run. We think that’s going to be a big trend — this cloud brokering, if you will.
The partnering part, I can’t stress enough, how important it is for all of us in government and the private sector to just get started — to try it — because you learn a lot.
One unanticipated consequence is, of course, there’s a lot of excitement about the cloud, so you’re making connections and you’re making partnerships that otherwise would have taken a lot longer. We have very good relationships with lots of vendors and agencies.
The last piece, I would say, is . . . the CIO at JPL came up with this idea of replacing the procurement screen with a provisioning screen. That kind of says it all. We’re trying to give self-service to the users of IT so that they can get the computing they need when they need it, and turn it off when they need it, so we can spend less money on IT and more money on science.
The whole effort is to keep it real, and we did that from the very beginning and it’s proven very effective. It’s not an IT benefit, it’s a business of the institution benefit.
KS: One thing I’d like to add is, I know that a lot of institutions are very wary of security.
At JPL, instead of stopping to use the cloud because of security problems, we are trying to address the security problems and trying to create best practices and secure ways ot use the cloud without actually compromising the privacy or integrity of our data.
Our admission developers are working very closely with our office of the CIO and the IT security teams to make sure that we can leverage the benfits of the cloud without compromising our security.
TS: We think that the cloud could be more secure than what we do today, because it becomes, in many ways, more uniform so you can react to threats much more quickly and you can segment off things like denial of service attacks and keep going in a different part of the cloud. We have worked very closely with key vendors and cloud security teams . . . and the biggest obstacle, I would say, is going to come from the auditing function.
The auditing function needs to figure out how an application that used to run on one server in one data center now could [run] on multiple servers in multiple data centers. How do you audit that to make sure it’s secure? Until we can do that, we probably can’t go live with anything substantial.
So we’re working very closely with vendors and the auditors to facilitate that, be an early explorer and help industry in that area.