The Defense Department’s request for information for cloud computing in late October is giving industry heartburn.
At the same time, the General Services Administration has issued several acquisition notices for cloud computing services that are giving agencies hope and excitement. One, from late October, with the Space and Naval Warfare Systems Center Atlantic (SPAWARSYSCEN), is for commercial hosting cloud services (CHS). A second request for information from the Federal Risk Authorization Management Program (FedRAMP) program management office is for help in developing standard contract language for agencies to use as they acquire secure cloud-based products.
And then there are assorted RFIs and solicitations from the Interior and Veterans Affairs departments, the Air Force and the Defense Department’s Joint Service Provider, all for cloud services.
In the last few months, the number of acquisition actions from many agencies — whether RFIs, sources sought notices or requests for proposals — seems to have hit a crescendo of sorts.
Seven years after the Office of Management and Budget directed agencies to consider moving to the cloud first and foremost, agencies finally are ready to pick up the pace.
“Almost every agency is talking publicly about migrating and leveraging the cloud, especially around transformation and modernization of IT. It is very much a common theme right now,” said Gary Wang, the vice president of cloud and infrastructure services for Unisys Federal, in an interview with Federal News Radio. “This is really an inflection point for cloud, and we expect to see more and more of this.”
While the anecdotal evidence from vendors and through random solicitations is helpful, the actual procurement data doesn’t lie.
Bloomberg Government found that since 2013, agencies have spent more than $7.3 billion on cloud computing services, including $1.8 billion in 2017, which is double the amount spent just five years ago.
Cloud spending FY 2013 to 2017
Bloomberg Government looked across more than 3,000 contracts in early December for any reference to cloud computing. Below are the results from six of the largest contracts that referenced cloud computing services.
GSA Schedule 70
VMWare Software & Maintenance and Licsenses
DHS EAGLE I
Federal Student Aid Virtual Data Center
NASA SEWP V
Five Year total for all contracts
Now to be clear, just over a year ago, I quoted numbers telling a different story about cloud. Market research firm GovWin found cloud spending had not lived up to its promise.
Part of the challenge is how agencies code their procurement actions when buying cloud, and another part of the challenge could be related to the time for the data to fully reflect all the contracting actions that happen in a given year.
A third explanation comes from Dom Delmolino, the chief technology officer for Accenture. He called all of this activity part of the evolution the government has been experiencing over the last five or so years.
“We keep seeing barriers to adoption being removed,” he said in an interview with Federal News Radio. “We saw FedRAMP high for [Microsoft] Azure and Amazon Web Services, and AWS get a DoD impact level 5 provisional approval from the Defense Information Systems Agency. Where once an organization said maybe only some apps can go to cloud, now the whole landscape can go. There is guidance, and now what were once barriers or concerns seem alleviated. Added to that, agencies’ interest in artificial intelligence and Microsoft putting cognitive services in its government cloud, agencies can do all kinds of things in the public cloud and have top cover.”
Shawn McCarthy, research director for IDC Government Insights, provided me with estimates that more closely match what Bloomberg Government found. He said public cloud services will account for about half of the $2.15 billion in spending in 2017. By 2021, agency spending on public cloud is projected to increase to $1.9 billion out of the $3.3 billion.
Peter O’Donoghue, the vice president of application services for Unisys, said agencies are much more comfortable and confident with cloud services, which then is opening the door to address a lot of pent-up demand for new capabilities.
“We are seeing a lot of CIOs wanting to move to the cloud as they are trying to be compliant with the cloud-first policy, data center optimization mandate and other requirements,” he said. “Over the last two years, we had a homeland security customer who was under extreme pressure to set up mission-critical functions in the cloud. It was a priority for the new administration as well, and it had to be done quickly. We are starting to see a pattern where mission owners and some CIOs want to tap into the insane amount of innovation and solve real problems in a short time frame.”
That demand to transform, modernize and upgrade mission and commodity IT functions is coming through in the dozen different acquisition actions over the last few months.
The DoD RFI is probably the most interesting one. After Defense Deputy Secretary Pat Shanahan created a cloud executive steering group in September to accelerate the military’s move to the cloud, DoD issued an RFI asking for input from vendors on infrastructure- and platform-as-a-service offerings. The Pentagon wanted details from industry across a host of areas, including policy and regulation barriers, cost and pricing, and bringing cloud to the tactical edge.
Several industry groups expressed serious concerns about DoD’s initial concepts.
The IT Alliance for Public Sector responded to the RFI by detailing why a single cloud, one-size-fits-all concept would be bad for DoD as well as for industry.
“A department cloud comprised of multiple interoperable offerings — each honed by a different provider based on its learnings from other sophisticated enterprise deployments — would ensure the department obtains the benefits of competition to achieve best value for both warfighter and taxpayer. In fact, almost all Fortune 500 counterparts have established multi-cloud architectures because no one cloud solution meets all of their mission and business application requirements,” wrote Trey Hodgkins, ITAPS senior vice president for the public sector, in a letter to DoD. “In addition, selecting only one cloud provider drastically impairs competition in the future. The costs to migrate data from one system to another are likely to be high, deterring the department from deviating from the incumbent — even if the incumbent’s future technology is clearly inferior — when the contract comes up for rebidding years from now.”
Another good-government organization, the IT Acquisition Advisory Council (IT-AAC), went even further to discourage DoD from going down the path of a single cloud provider.
IT-AAC said in its response to the RFI that DoD must “usher in alternative processes and expertise that are not vested in the status quo.”
“Don’t build it, buy hybrid cloud and hyper-converged infrastructure that is preconfigured and industry tested. We have documented over 60 viable commercial cloud offerings suited for every possible need; Back Office, Tactical, ISR Cloud, On-Prem, Off Prem, etc. Knowing your business before jumping into technology is key to your success,” IT-ACC stated. “If [DoD] continue to misapply the current DoD requirements (JCIDS), architecture (DODAF), and procurement (DoD5000) models, this will absolutely fail. Other Transactional Authorities (OTAs) are also not the answer as they eliminate competition and sound decision making. As with any critical technology, Open Architectures defined by consensus-based standards bodies are key to vendor lock-in (BTW, Open Source does not equal Open Architectures). Do not ‘lift and shift’ legacy applications not designed for the cloud without refactoring. There will be zero savings, and likely increased cost and performance problems.”
There are further concerns that DoD wants to end its MilCloud 2.0 effort and move toward a similar approach that the CIA is taking with AWS as a main cloud provider for the intelligence community.
While there still is a lot to be determined about DoD’s eventual approach, several military services and agencies are moving to the cloud. The U.S. Transportation Command plans, by next July, to migrate all of the logistics systems it uses to interface with the private-sector transportation companies who move DoD goods and personnel by air, land and sea to the cloud.
The initiatives by DoD, GSA and others fit into what experts say will be a continuing trend among cloud — hybrid or public-private cloud will remain the preferred choice for several years.
Unisys’s Wang said while agencies have overcome many of the privacy and security concerns —through FedRAMP — they still have a ways to go to get past the cultural barriers.
“We also noticed that a lot of agencies want to expand into multiple clouds,” he said. “For example, Transportation was in Azure for the last three years and now wants to expand to AWS. The Air Force has used AWS and now wants to expand into different cloud service provider.”
Accenture’s Delmolino agreed that the hybrid model will remain popular for the short term.
“There is a learning that has to occur and it takes about a year to understand how to use it, how to secure it and how to document that security,” he said. “ There still is a lot of discovery going on. But at the same time, there is more activity, and it gets back to the current landscape where cloud capable because of security changes.”