As the federal government increasingly uses cloud computing to improve operations and services, there are several best practices agencies should keep in mind to optimize the cloud and transform offered services, according to a report released on Wednesday from the Partnership for Public Service and the IBM Center for The Business of Government.
The report highlighted several successes in cloud computing at agencies—such as the National Oceanic and Atmospheric Administration, Federal Emergency Management Agency, the Department of Veterans Affairs, the Census Bureau and the National Institutes of Health—noting that successful strategies included: planning, testing, security, transformation and optimization.
For example, the report found that an effective cloud planning strategy should consider: what data needs to be stored and how the data will be used; where, when, how and who will access the data; the problems the cloud will solve and the tools and services it will enable; the government or private partnerships and capabilities; and future needs.
The report used NOAA’s cloud strategy as an effective example of planning. According to the report, the agency planned and coordinated with partners to develop its multi-cloud solution—commercial and government cloud with on-premise private data systems for a hybrid cloud configuration, allowing NOAA to manage its data. The agency used this collaboration to figure out what it needed and created a capability-based approach to acquisitions, where it uses multiple vendors for different capabilities.
According to the report, the testing element of a successful strategy includes stakeholder collaboration; careful evaluation to detect issues, resource limitations and “predict workforce friction”; measurements that demonstrate the need for cloud solutions; and support from early adopters and leaders. The report used FEMA’s agile framework for full cloud deployment as an example, noting it includes “performance testing, incremental updates and iterative design” and that initial tests showed performance issues, which, for example, helped the agency improve latency.
The report noted that a successful cybersecurity component to cloud strategies requires agencies to keep cybersecurity in mind in all technology considerations; create a security-first culture; establish cybersecurity cooperation across IT; create a team to institutionalize cross-agency collaboration; have security-aware leadership and highly skilled cybersecurity leaders; and make sure that contractors and partners are also secure.
According to the report, the VA’s work is a good example of cloud cybersecurity practices, which allow the agency to manage sensitive data at more than 100 major medical centers. Furthermore, the VA established the Application Hosting, Cloud and Edge Solutions group within its Office of Information Technology to help with collaboration by organizing its cloud administrators to deliver coordinated service. The agency also has security “baked in by design,” the authors noted.
The report also provided guidance on cloud transformation, noting the importance of equipping the people who use it. In order to help workers keep pace with technology, strategies should contain: awareness and attention to staff strengths and gaps; promotion of early adopters and skilled users to use their knowledge to lead; structured support, such as resources, training, incentives and mentorship; purposeful strategies to identify and attract tech talent; and strong change management leadership.
To demonstrate the idea of transformation, the report pointed to the Census Bureau and Office of Personnel Management. The Census used cloud-enabled tools and software-as-a-service to allow for the first self-serve online survey conducted in 2020 and was able to make it available in 13 languages. Meanwhile, both agencies designed their cloud strategies with people-centric approaches. For example, OPM focused on training and professional development.
Lastly, the report noted the importance of optimization, particularly for cost savings and capacity, which requires tracking cloud usage. According to the report, such a strategy should include: monitoring and maintaining access and usage; making sure data and reports on cloud usage and spending are correct; managing service provider relationships; and predicting future needs to help agencies expand cloud access and improve mission delivery.
The report pointed to the NIH as an example of optimizing cloud. For example, the agency’s cloud strategy helped the Science and Technology Research Infrastructure for Discovery, Experimentation and Sustainability Initiative to make use of the increased levels of data the agency was now collecting. The report noted that NIH needed to move the information to the cloud to enable collaboration across datasets, which helped the agency to make more informed decisions, a move that was particularly beneficial during the COVID-19 pandemic. Moreover, the agency’s cloud strategy is currently working to modernize its data sharing policies in a cloud environment.
The experts predicted that in the near-term for cloud computing:
- More agencies will move data and operations to the cloud.
- There will be a rise in governmentwide use of cloud computing and applications.
- Developing cloud capabilities will lead to innovation.
- Public-private partnerships will aim to optimize the cloud environment.
- A focus on workforce training will help employees succeed in using cloud services to support their mission.
- Customer-facing digital services will be transformed with cloud capabilities and multi-cloud systems.
- There will be an increase in fluid data sharing and public access to agency-created data.
“Long term, these changes could revolutionize how our government functions and serves the people,” the report stated. “Carefully developed cloud environments, secure and optimized for performance, provide the foundation for a more modern federal government that offers better service to the public.”