Thursday, December 17, 2009

Enterprise Architecture Key to Avoiding Cloud Computing Cloud Sprawl – AFCEA Federal Cloud Computing Environment Forum

Attendance at today's Armed Forces Communications and Electronics Association (AFCEA) Bethesda Chapter Breakfast Series entitled "Federal Cloud Computing Environments – Modernizing IT Systems" was very heavy, as viewed from the Blackstone Technology Group sponsored table. The panel discussion and DC Federal IT community networking conversation revolved around the push to promote and adopt cloud computing as part of the Obama administration’s effort to modernize the government’s information technology systems, and to help reduce the $75 billion annual budget for Federal IT in the process.

The event panelists held an informative and rigorous discussion about how cloud computing is enabling IT professionals (government and industry) to rethink the packaging, delivery and operation of government services, and is changing the landscape of government IT infrastructure management and streamlining system, network and storage management. Panelists included Casey Coleman (Moderator - Chief Information Officer, General Services Administration), Chris Kemp (CIO, NASA Ames Research Center), Alfred Rivera (Director - Computing Services Directorate, Defense Information Systems Agency or DISA), Keith Trippie (Executive Director - Enterprise System Development Office (ESDO), Office of the CIO, Department of Homeland Security), and Peter Tseronis (Associate CIO, Department of Energy).

Quite a bit of conversation centered on the precept that Enterprise Architecture is absolutely critical for Cloud Computing success. EA helps translate OMB’s IT Investment guidance and Component mission business models into an operational language that more effectively guides IT retooling to support cloud computing concepts such as self-provisioning, software-as-a-service (SaaS), and shared SOA services. Whether a Cloud Computing program and infrastructure is implemented to provision infrastructure for laboratory scientists (e.g. NASA’s Nebula Program), or for enabling rapid self-provisioning of elastic, scalable, and virtual services to front-line Warfighters (e.g. DISA’s Rapid Access Computing Environment, or “RACE” Program); the business and socialization challenges are similar.

According to the panelists, many Federal programs aren’t yet able to operationalize their Enterprise Architecture, by executing coordinated, efficient IT procurements informed by an enterprise-wide, standards-based, comprehensive and easily understood business case. “This is Enterprise Architecture’s time”…and EA is key to avoiding cloud proliferation, sprawl or otherwise redundant IT governance and investments (and finding ways to leverage existing, underutilized infrastructure investments as GFE in new cloud-computing acquisition strategies).

While most discussion centered on the “brutal standardization” required for cloud-based IT Infrastructure Management and Services, additional conversation developed concerning more customer-centric and application-oriented objectives, i.e. "Software as a Service" or SaaS. In particular, the DHS ESDO is embarking on a major initiative to fulfill DHS objectives for delivering customer-centric applications and information services on demand, governed by the Department's rapidly evolving Services-Oriented Architecture (SOA) Enterprise Architecture and Homeland Security Information-Sharing initiatives (Federal EA SOA ESB governance initiatives that Blackstone Technology Group is helping to drive across the Department.)

Conversation also addressed issues relating to Security Certification & Accreditation (C&A) challenges – particularly the rapidly-growing tension between “consumerism of IT” (i.e. user expectations that government services offer commercial features and public data) and information or application sensitivity. Currently mandated security processes and controls aren’t necessarily compatible with the “elastic” properties of cloud implementation, i.e. the on-demand utilization or release of IT resources through dynamic infrastructure configuration. Also, perceived risks far more often stand in the way of cloud-computing security policies, vs. actual risks – this therefore requires much more effort on the part of “translators” bridging the gap between business and technology, i.e. the Enterprise Architects.

No comments: