“We are not changing the commitment to cloud first and considering cloud first, but what the strategy recognizes is ensure the technology fits the mission that you are trying to serve,” said Suzette Kent, the federal chief information officer, during a press briefing on Sept. 24 in Washington. “The cloud first strategy was actually released in 2010 and it was part of the 25-point implementation plan and reform federal IT. It was at a time when cloud was still new and many agencies were early in journey and adopting their technologies. We’ve learned a substantial amount within the federal government as well as the capabilities in industry have significantly advanced.”
OMB focused the draft strategy around three main areas: workforce, security and procurement where Kent has laid out 22 actions slated that her office, the CIO Council and lead agencies will accomplish over the next 18 months.
“It defines an integrated approach for agencies to more extensively leverage cloud technologies, and it updates the original approach and closes some gaps in policy that allows faster adoption as well as streamlining some of the activities,” Kent said. “It’s about equipping the agencies with tools, knowledge and flexibilities to make smart decisions and not just have a one-size-fits-all.”
Mike Hettinger, the managing principal of the Hettinger Strategy Group, said agencies have come a long way over the past eight years and the new strategy is about keeping that momentum going.
“A handful of things stand out to me from the list of CIO action items and that includes what looks like the development of a cloud information center, the to-be-issued revised data center consolidation policy within six months, the governmentwide cloud solutions category team and the potential development of new cloud acquisition vehicles. These are the ones I will be watching as this moves forward,” he said in an email to Federal News Radio.
Kent said OMB fully realizes that agencies have made progress in implementing cloud services, but the goal of the strategy is to accelerate that effort, which is why the strategy address acquisition, workforce and security. OMB said in August about 50 percent of all civilian agency email boxes are in the cloud.
She said these three areas will help agencies sustain the cloud services and continue to get value out of them.
“Agencies should review their information technology portfolios to determine modernization plans for existing tools. They are encouraged to perform and leverage a full system and application rationalization, and those that have not begun this process are encouraged to start immediately,” OMB states in the strategy. “As part of this effort, agencies should consider whether virtualization, containerization and other modern practices can be leveraged to increase efficiency in agency-owned data centers and vendor offerings.”
80 percent of IT modernization strategy tasks finished
The administration called for an updated cloud policy under its IT modernization strategy from last December. Kent said 43 of 52 tasks under that effort are finished.
Under the cloud smart initiative, Kent said OMB is close to finalizing new draft policy updates for the Trusted Internet Connections, data center consolidation and optimization and the high-valued assets.
Kent said new policies for TIC, HVA, the continuous diagnostics and mitigation (CDM) program and data centers should be out for comment in the coming weeks.
“OMB, in coordination with General Services Administration, will develop a strategic plan to evolve the authorization to operate (ATO) process to modernize the federal technology landscape and enhance each agency-specific mission,” the strategy states. “This strategic plan will propose concrete deliverables seeking to simplify processes, eliminate duplication and innovate agency approaches to security authorization in the cloud.”
Additionally nine months after OMB finalizes the cloud smart strategy, the CIO Council and GSA will “create a first-of-its kind view of agency requirements across the federal security enterprise, which will serve as the foundation for future strategic initiatives. Individual agency risk management decisions will be used to better inform and articulate requirements and responsibilities across the executive branch enterprise and to create an agile iterative ATO process.”
Cloud contracting recommendations forthcoming
Under the procurement part of the draft, OMB says the new cloud solutions category team will recommend a set of governmentwide contract vehicles for cloud services. OMB says as agencies adopt these contracts, the government will get better prices, help agencies operate more efficiently and expand collection and sharing of governmentwide buying data leading to better-informed business decisions.
Among the seven goals of the workforce section, OMB says six months after it finalizes the draft it will work with the CIO and Chief Human Capital Officers councils to “develop a market-informed pay and compensation strategy. The strategy will address mission-critical technology and cybersecurity positions to improve recruitment and retention outcomes, as well as reduce barriers to hiring the nation’s top talent for technical and emerging technology roles.”
Additionally, the Office of Personnel Management, the Homeland Security Department and the CIO and CHCO councils will work on several different personnel initiatives, including identifying critical skill gaps and ensuring reskilling efforts address those areas where agencies need the most help to move to the cloud.
“Agencies are strongly encouraged to use available hiring authorities, recruitment, and student loan repayment incentives to hire professionals with highly sought-after cloud computing skills,” OMB states. “It is incumbent upon federal agencies to ensure that their current and future workforce is prepared to support federal cloud environments. Agency cloud strategies should enable leaders to develop and empower the information technology and cybersecurity workforce with the skills required to achieve cloud migration goals and support the latest technology that will improve critical citizen services.”