by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : June and July 2016
Cloud computing has clearly moved into the mainstream mix of federal information technology. For the last five years, White House policy for federal agencies has indeed been Cloud First. The term “cloud first” was never precisely defined, but the Office of Management and Budget has made it clear it wants agencies to use a rigorous decision-making process for migrating IT to cloud providers. It needs agency IT shops to shift their mindsets from assets to services. This mode of thinking has already started to take hold at the state government level. It’s clear the reality of cloud computing and migrating services to the cloud is more complicated than simply issuing a policy mandate, though. Agency IT leaders must plan for and account for each step along the way. From an applications standpoint, cloud hosting can go one of several ways. Simply re-hosting might be simplest method, but an agency could run into latency issues or incompatibilities with the cloud provider’s infrastructure. Plus the application might not be able to take advantage of a primary cloud benefits like scalability. One way around this is to refactor the application. Then you’d have two versions of the same application running. This would limit the agility between cloud and government-owned facilities. Revising or rebuilding the code can be expensive. It can also lead to cloud vendor lock-in. On the other hand, those actions might constitute an opportunity to modernize an application. Often the decision to host an application leads to the ultimate application solution; simply replacing the application with a commercial Software-as-a-Service product. That provides predictable pricing, freedom from licensing complexities and avoidance of development costs. An agency has to determine whether or not the SaaS can work consistently with government processes and policies. FEDRAMP APPROVAL From a service standpoint, agencies face a host of questions and decisions when it comes to planning and conducting cloud migrations. The Federal Risk and Authorization Management Program, or FedRAMP, has taken some of the risk out of medium-security applications in the cloud. The General Services Administration (GSA) and its partners are working to streamline the process of accrediting cloud providers. FedRAMP approval has become essential for vendors and a check- off for contracting offices and CIOs. Among cloud vendors with FedRAMP certification, agencies still have many considerations. One thing they have in common, however, is ensuring agencies consistently get the required levels of performance. According to the National Institute for Standards and Technology (NIST), which has done extensive work on cloud computing, agency cloud metrics revolve around three components of service. NIST calls service selection, service agreement and service verification the trifecta of cloud service. Each of those three areas has an associated set of metrics. These vary according to individual agency requirements, so there’s no single universal matrix. Still, the final service level agreement will govern whether or not an agency gets the type and quality of service it requires. So the decision process is significant. Because so many agencies have legacy applications that are impossible to virtualize or even rework for the cloud—or some that have national security implications—the hybrid cloud model prevails in the federal market. Even within the hybrid model, though, there are many varieties and options. Clouds may be commercial multi- tenant, commercial single (government) tenant, or other federal services such as the Agriculture Department’s National Finance Center. Either full-time government or contractor staff may operate and administer those agency- built clouds. For purposes of cybersecurity, capacity planning, and performance, the hybrid cloud model continues to emerge as the leading choice. There are many data sources the network operations center and the security operations center must incorporate in their analysis, but the hybrid model continues to provide the most flexible capabilities. Any cloud planning project must start with the end-game in mind. An agency CIO must be able to maintain security and integrity of data and ensure application availability and performance for which the agency is paying. Are Hybrid Clouds the Answer? GameChanger MONITORING AND MEASURING ARE CRITICAL FUNCTIONS SPONSORED REPORT ENTERPRISE VISIBILITY Shutterstock.com As more federal agencies move to the cloud, the hybrid cloud model remains the most viable.
August and September 2016