After almost two years into the Federal Government data center consolidation project an interesting roadblock may have emerged to redirect cloud computing efforts. Plans to favor the DISA (Defense Information Systems Agency) cloud for military departments and agencies may be set aside in favor of private sector clouds.
Migration to private sector
Nexgov reports that a part of the 2012 Defense Authorization Act passed last week has lawmakers directing Defense CIO Teri Takai to develop a plan to use commercial cloud computing services instead of DISA's. Within the act, Takai is directed to submit a plan by April 1, 2012, for "migration of Defense data and government-provided services from department owned and operated data centers to cloud computing services generally available within the private sector." This comes less than a month after a Pentagon report stating that as much as $680 million a year, starting in 2015, could be saved if the Defense Department consolidated data centers. The authorization act also zeroed out the Army budget to consolidate its enterprise email with DISA until the service examines alternatives.
Having Cloud Service Providers (CSP) act as a solution to consolidation projects isn't new. Identifying areas where cloud services made sense was a part of the 'cloud first' program. FedRAMP then addressed some of the security concerns, as part of a government-wide program to provide a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. FedRAMP uses approved third party assessment organizations (3PAO) to ensure CSP systems meet FedRAMP requirements, provide evidence of compliance, and play an on-going role in ensuring CSPs meet requirements. A FedRAMP Industry day was held last week in Washington to educate industry representatives on FedRAMP and the 3PAO application process.
Retired Air Force brigadier general Bernie Skoch noted that "vendors will assure Congress and Defense that they can do this as well as DISA, but few of them understand the very real synergy DISA brings in harmonizing security, interoperability and best value." As Nextgov's Bob Brewin points out, there is probably a Christmas bonus in place for some artful lobbying that surely took place recently.