Friday, May 29, 2009

My Meeting with Mr. Vivek Kundra

Earlier this week I had the distinct pleasure and opportunity to have a private meeting with Mr. Vivek Kundra. Although my time with him and Mr. Gary Washington (OMB/Egov &IT Internal Efficiency and Effectiveness Portfolio Manager) was short, their focus and mission were perfectly clear. 

Dominating Mr. Kundra's wall is a graphic showing the Federal IT spend for each agency. From my point of view, this was a statement that highlighted the Federal CIO's #1 goal - stop the practice of building silo’ed IT infrastructures in order to save money in the 2010 budget. After first peppering me with questions about my background and federal experience, Mr. Kundra asked me for recommendations on improving Federal IT procurement. My answers included the need to provide rewards for enhanced IT efficiency, agency incentives to reduce spending and of course, increased use of cloud computing.  On that point, I stressed the need for interoperability, portability and standards.  We also discussed my recommendation for a “Government PAAS”. Such a platform would be owned by the government and used by all agencies on the coming GovCloud. We also briefly discuss the need for strategic coordination between DoD and civilian agencies on a common cloud platform. Mr. Kundra and Mr. Washington thanked me for my input and suggested some further dialog with other government officials. 

As if I needed the prodding, this short experience reinforces my personal views on the critical need for rapid adoption of cloud computing technologies and techniques by the federal establishment. In a few short week, the new administration has demonstrated its willingness to lead this important transition and I look forward to supporting their efforts in any way possible.


Monday, May 25, 2009

Comments for Mr. Kundra (Thank you for the input!)

A little over a week ago I put out a request to my readers to help me with my meeting with Vivek Kundra.  The response has been awesome!! thank you for your suggestions and recommendations, both public and private.  Below, in purely random order, are just some of the comments I've received. If you want to add your voice to the choir, I'll be taking comments through Tuesday evening, May 26th.  During my meeting, I will definitely highlight this dialog and will also leave a listing of all comments for Mr. Kundra's review.

-----------------------------------------------------------------------------------------------

Lewis Shepherd:

Let me just suggest a little thing I'd like Vivek to keep in mind as a guiding principle for open government: Choice.

What do I mean? Government agencies, as they modernize to approach the agility and performance of great commercial IT shops, will be looking to cloud-solution (and other) providers for "business value and choice in a mixed-source world," in the words of Microsoft's Teresa Carlson. The agency CIOs and CTOs whom Vivek leads need the flexibility to choose the best tools to accomplish their mission regardless of platform. I'd hate to see a "one-size-fits-all" prescribed solution (even if it were based on Microsoft products!), and I think we'll all benefit from a balanced approach with appropriate choice and flexibility reserved for smart CIOs.

Jason Matthew McNutt:

I think in order for the govt to adopt such a broad technology there needs to be standards set for interoperability and security first. We all know that standards boards tend to lag behind real world implementations. But in this case the consequences of not going forward with agreed upon security and interop standards is very dangerous. 

What has worked with other technologies is lighting a torch underneath the vendors to get together and provide a set of standards before any govt contracts are let. Sometimes providing that carrot (big carrot) is essential to get everyone in the same room. Good luck with your meeting, very cool!

AJ Malik:

I believe a frank discussion on open source initiatives, with respect to Grid Computing, will be productive. For example, the Open Grid Services Architecture (OGSA), a product of the Grid community at large, represents an evolution towards a Grid system architecture based on Web services concepts and technologies. Furthermore, Data Access and Integration Services (DAIS) is another emerging standard (e.g. WS-DAIR, WS-DAIX) to access and integrate data, within a grid environment, that could drive a unified federated data architecture. All have limited implementations, but are "shovel ready."

Pollock:
  • Does he plan to provide additional mandates related to IPv6 - will he take the next step?
  • Is there a Federal Wide Cloud computing strategy to optimize and outsource government run IT shops.
  • Does he plan to implement BAA compliance in addition to TAA compliance for IT monies in the stimulus package? (at the fed level)
  • Any plans to align government with industry best practices to improve service delivery to the public? Agencies should be creating a roadmap for the network infrastructure that will allow them to rapidly deploy new applications to improve business processes and provide quality public services.
  • Does each agency have a network infrastructure that is capable of handling the applications needed to improve operational efficiency anywhere, anytime, anyplace in support of the mission? This is job number one, every agency must have an agile mission fabric, none of the other things that follow will work well without it.
  • Who is best to provide oversight, implementation, and ongoing maintenance for a given application? We should always be asking the WHO question, modeling industry, and avoiding business as usual.
Alex Stobart:

From the UK there are some open source business processes designed and operating between citizen and government. The main issue with most of our ICT in government is that hitherto procurement has been proprietary ( Oracle ; Microsoft ; EDS ), expensive and completely un-scalable. Each agency has bought its own set.
  • A NGO called mysociety did most of the open source, rich content and user-friendly work http://www.mysociety.org/
  • There is a petitions site to the Prime Minister which has had over 9 million votes
  • There is a fantastic process to write to your elected representative ( local, state , federal ) http://www.writetothem.com/
  • There is a method to report any issue to your local government ( poor street lighting ; graffiti etc.) http://www.fixmystreet.com/
These are all shovel ready and would be immediately transferable to the USA

The other process that you might wish to replicate, or suggest, involves re-coding government data. It was called the Re-Wired State, and a list of projects is here - http://rewiredstate.org/projects

The projects listed demonstrate the intent. How successful you can be will depend on how much data the government lets go.

Other suggestions - facebook for jobs ( after all it is just a market with bids and offers ) ;

You won't manage to have comparable financials across agencies until you have a standardised General Ledger ( something the health service in UK has battled with since 1948 )

Sun's star office suite never took off ; in the UK not many people use pbwiki in government but it seems really successful and ning we use a lot. We are looking at how mental health service users might create ning groups to exchange content, information and collaborate. Their carers or families could also be involved, as eventually might employers and state agencies. To start with, it is the service users only as they are the most motivated to help one another.

Andrew H. LaVanway:

If only the problems here were technology problems. This model has been called a lot of different things over the last decade, but it always seems to fail at SLAs, security, and the unwillingness of leadership to give up their own IT infrastructures. If the PM office tackles just the first two, it will be major progress but still a little short of the change that needs to happen.

Now might be just the right time for a mandate - the business case here is off the charts.

Adam Arthur:

I don't understand why they can't arrange the data to "scatter" across the cloud. If someone hacked into one node, they would only get a "piece" of the information. You would have to be given admin permissions to accurately "piece" the whole picture together. We are doing this with the public health grid at the NCPHI lab at CDC. Seems pretty safe to me.

Guy Martin:

I'd suggest you take a look at what DISA has done with the RACE (Rapid Access Computing Environment) effort they are bringing online, as well as its companion application development environment (http://disa.mil/forge).

While these are specific examples, I think you'll find interesting information to help you in your meeting with Mr. Kundra. DISA has already been thinking a lot about this already.

Ari Herzog:

[Does Mr. Kundra think] the goal should be to build and adopt new technological standards to gain efficiency/effectiveness or to amend current infrastructure and rewrite policies so such technologies have an easier chance of adoption.

[W]here does he stand on the notion of a "one web" solution for the entire executive branch, i.e. instead of individual departments acting like silos with their own social technologies, shouldn't there be an Administration-wide direction and initiative in one?

Deb Lavoy:

[H]ow about working on giving more support to adoption of collaborative and social media tools within the agencies - encouraging the technical, legal and cultural issues that agencies need to get over.

Susan Clizbe:

I would second Ms. [Deb] Lavoy, and add what to me is almost embarrassingly basic: an immediate solution to the ban on thumb drives. Perhaps the ban itself can't be resolved that quickly, but surely there is some way to train and trust people who truly need this technology to do their jobs every day. We in Public Affairs are hampered by the inability to move photos from camera to computer, and I have read about med techs with handheld computers in the field whose issue is not just job-critical but life-critical to their patients.

Savitha Manohar:

Driving innovation and standardization with a view to improving efficiency is a lofty goal. But change is painful- especially for the folks that have to practice this in their work everyday. Compliance can be enforced, but in order to ensure that folks understand the strategy and are committed to realizing the efficiencies, the human component has to be taken into account. It is challenging to change a culture where every agency/department is used to following their own standards to have to now start adhering to a new centralized standard. Pilot initiatives have to go beyond the notion of "one size fits all". Will there be plans to make sure that the resources that have to use this are on board?

Khürt:

There is more to securing "cloud computing" than a bunch of policies and directives. What is your disaster recovery and continuity plan for when the cloud service suffers a failure? Since the data lives in the "cloud", can you be assured that you know "where" it it? I guess the answers depend on your definition of "cloud".

Saturday, May 23, 2009

Congratulations to Roger Baker !!

My congratulations goes out to Roger Baker

I first met Roger a little over a year ago when he interviewed me for my present job at Dataline. At that time he was the CEO and we both shared a vision of how information technology could be used to reduce cost and improve efficiency throughout the Federal government.  He later left Dataline and through ACT/IAC Transition Study Group and the Technology Innovation and Government Reform team went on to provide important input to President Obama's administration. 

Good Luck Roger !!!
Baker Sworn in as VA Assistant Secretary for Information and Technology
— Roger Baker, a former chief executive officer in the information technology industry, took the oath of office yesterday as Assistant Secretary for Information and Technology within the Department of Veterans Affairs (VA).

Wednesday, May 20, 2009

NDU (IRM) and DoD CIO (NII) Co-Hosting Cloud Computing and Cyber Security Symposia

I'm proud to announce two important coming events.

The Information Resources Management (IRM) College and the Office of the Assistant Secretary of Defense (Networks and Information Integration)/DOD CIO are co-hosting a symposia on cloud computing at the college’s campus on Fort Lesley J. McNair Washington DC waterfront), Wednesday, July 15, 2009. The event is open to government, private sector, academic, and international attendees.

The Cloud Computing Symposium” will examine the utility of cloud computing from many angles and offer government IT executives insight into its promise and challenges. The full-day agenda includes:

  • A key-note speech by Vivek Kundra, the nation's first Federal CIO; and
  • Presentations by executives from Google, Lockheed Martin, OSD, IBM, HP, Gartner, TIBCO, NSA, NDU, and DISA.

I am also honored to be one of the presenters.

This symposium will feature a vendor fair and several opportunities for interactive participation by attendees. Topics will include:

  • Future cloud computing expectations
  • Risks and challenges
  • Lessons learned, and
  • Next steps.

The college will also broadcast live, streaming video of the conference.

Registration is now open. Additional information is available at http://www.ndu.edu/irmc/pcs_ilss.htm .

The IRM College and DOD CIO will also co-host the "Web 2.0 Cyber Security Solutions" symposium on Thursday, September 24, 2009. This second event will focus on solutions for solving some of the complex security challenges in the arena of applications such as mash-ups, blogs, wikis, and virtual spaces. In conjunction with the September event, the college will be hosting its annual Academic Partner Open House, where more than 30 academic partners will be on hand to discuss their degree programs with interested individuals who stop by their tables.

The IRM College, a critical component of The National Defense University, grew from a small IT school focused on technology and its applied uses in 1988, to a world-class graduate institution offering an array of programs with national and international influence. The college’s certificates lay a strong foundation in critical information leadership topics, issues, and solutions. The IRM College fosters interagency and international collaboration and communication by providing learning opportunities for approximately 3,000 mid-to-high-level leaders across government annually.

For more information, please visit the IRM College website: http://www.ndu.edu/irmc . Contact: Patty Coopersmith; coopersmithp@ndu.edu, 202-685-2117.

Monday, May 18, 2009

Please Help Me Plan My Meeting With Mr. Vivek Kundra !!

A couple of weeks ago, I was offered a chance to meet Mr. Vivek Kundra at the Eisenhower Executive Office Building in downtown Washington, DC. Needless to say, I was honored to be given the opportunity. Although I was clear on my own views of how the Federal government could use cloud computing, the Obama administration's plans were, at that time, anything but certain. What a difference a week makes !!

As has been widely reported, the President's 2010 Budget submission has firmly set cloud computing as a "key tool for improving innovation, efficiency and effectiveness in Federal IT. The GSA has emphasized this edict by releasing a request for information (RFI) for Infrastructure as a Service offerings. This rapid and fairly decisive course change to the way Federal IT will be procured in the future can potentially change an entire industry. Looking at what has happened in the financial and automotive industries, this could also be seen as the administration flexing its muscle yet again in order to set the direction of a crucial component of the US economic system.

So now, with a little over a week before my meeting with Mr. Kundra, what do I talk about? Since the administrations direction has now been set, there's clearly no need to discuss cloud computing as the right direction for Federal IT. Not being a political pundit or economic advisor, I will definitely stay away from the debates around government influence over the commercial sector. So as a technologist, I will stick to my knitting and discuss what technologies the coming GovCloud implementation will be able to leverage going forward.

If you have any suggestions for me, I would be happy to hear about them. The only thing I ask is for your recommendations to be focused on general technologies, industry standards or open source approaches. Please, no specific commercial products or specific technology implementations.

Of particular interest to me will be those technologies, standards or approaches that are "shovel ready", and available for pilot implementations today! As outlined in the budget, "... pilot projects will be implemented to offer an opportunity to utilize more fully and broadly departmental and agency architectures to identify enterprise-wide common services and solutions, with a new emphasis on cloud-computing. The pilots will test a variety of services and delivery modes, provisioning approaches, options, and opportunities that cloud computing brings to Federal Government. Additionally, the multiple approaches will focus on measuring service, cost, and performance; refining and scaling pilots to full capabilities; and providing financial support to accelerate migration".

I look forward to your assistance on this!

Kevin Jackson
kvjacksn@gmail.com

Tuesday, May 12, 2009

President Obama's 2010 Budget Highlights Cloud Computing

President Obama's 2010 Budget (pp. 157-158) has highlighted cloud computing as a key tool for improving innovation, efficiency and effectiveness in Federal IT.

" Cloud-computing is a convenient, on-demand model for network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. The cloud element of cloud-computing derives from a metaphor used for the Internet, from the way it is often depicted in computer network diagrams. Conceptually it refers to a model of scalable, real-time, internet-based information technology services and resources, satisfying the computing needs of users, without the users incurring the costs of maintaining the underlying infrastructure. Examples in the private sector involve providing common business applications online, which are accessed from a web browser, with software and data stored on the “cloud” provider’s servers."

In addressing common concerns around security, the document takes this challenge on by appropriately charging agencies to have a proactive risk management plan.

"Implementing a cloud-computing platform incurs different risks than dedicated agency data centers. Risks associated with the implementation of a new technology service delivery model include policy changes, implementation of dynamic applications, and securing the dynamic environment. The mitigation plan for these risks depends on establishing a proactive program management office to implement industry best practices and government policies in the management of any program. In addition, the Federal community will need to actively put in place new security measures which will allow dynamic application use and information-sharing to be implemented in a secure fashion. In order to achieve these goals, pilot programs will provide a model for scaling across the Government. "

The administrations plans to transform the Federal IT infrastructure by "virtualizing data centers, consolidating data centers and operations, and ultimately adopting a cloud-computing business model". The effort will include multiple pilots and a major new initiative led by the Federal CIO, Vivek Kundra, and supported by the Federal CIO council.

What a great day for Federal Cloud Computing !!

Thursday, May 7, 2009

Federal Cloud Computing Heating Up !

As fellow blogger Reuven Cohen mentions in his post, Federal cloud computing is indeed heating up:
  • Vivek Kundra held a US Federal Government Cloud Computing Summit yesterday
  • The Federal CIO Council is officially studying effective uses of cloud computing
  • According to Network World, an INPUT study places Federal spend on cloud services at $277M in 2008 growing to $793M by 2013
  • Patrick Stingley has been named as the CTO, Federal Cloud for GSA
  • NIST has reveled their draft definition of cloud computing (see below)

----------------------------------------------------------------------------------------


Draft NIST Working Definition of Cloud Computing

4-24-09


Peter Mell and Tim Grance - National Institute of Standards and Technology, Information Technology Laboratory

Note 1: Cloud computing is still an evolving paradigm. Its definitions, use cases, underlying technologies, issues, risks, and benefits will be refined in a spirited debate by the public and private sectors. These definitions, attributes, and characteristics will evolve and change over time.

Note 2: The cloud computing industry represents a large ecosystem of many models, vendors, and market niches. This definition attempts to encompass all of the various cloud approaches.

Definition of Cloud Computing:


Cloud computing is a pay-per-use model for enabling available, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is comprised of five key characteristics, three delivery models, and four deployment models.

Key Characteristics:

  • On-demand self-service. A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed without requiring human interaction with each service’s provider.
  • Ubiquitous network access. Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, laptops, and PDAs).
  • Location independent resource pooling. The provider’s computing resources are pooled to serve all consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. The customer generally has no control or knowledge over the exact location of the provided resources. Examples of resources include storage, processing, memory, network bandwidth, and virtual machines.
  • Rapid elasticity. Capabilities can be rapidly and elastically provisioned to quickly scale up and rapidly released to quickly scale down. To the consumer, the capabilities available for rent often appear to be infinite and can be purchased in any quantity at any time.
  • Pay per use. Capabilities are charged using a metered, fee-for-service, or advertising based billing model to promote optimization of resource use. Examples are measuring the storage, bandwidth, and computing resources consumed and charging for the number of active user accounts per month. Clouds within an organization accrue cost between business units and may or may not use actual currency.

Note: Cloud software takes full advantage of the cloud paradigm by being service oriented with a focus on statelessness, low coupling, modularity, and semantic interoperability.

Delivery Models:

  • Cloud Software as a Service (SaaS). The capability provided to the consumer is to use the provider’s applications running on a cloud infrastructure and accessible from various client devices through a thin client interface such as a Web browser (e.g., web-based email). The consumer does not manage or control the underlying cloud infrastructure, network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings.
  • Cloud Platform as a Service (PaaS). The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created applications using programming languages and tools supported by the provider (e.g., java, python, .Net). The consumer does not manage or control the underlying cloud infrastructure, network, servers, operating systems, or storage, but the consumer has control over the deployed applications and possibly application hosting environment configurations.
  • Cloud Infrastructure as a Service (IaaS). The capability provided to the consumer is to rent processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, deployed applications, and possibly select networking components (e.g., firewalls, load balancers).

Deployment Models:

  • Private cloud. The cloud infrastructure is owned or leased by a single organization and is operated solely for that organization.
  • Community cloud. The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns (e.g., mission, security requirements, policy, and compliance considerations).
  • Public cloud. The cloud infrastructure is owned by an organization selling cloud services to the general public or to a large industry group.
  • Hybrid cloud. The cloud infrastructure is a composition of two or more clouds (internal, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting).

Each deployment model instance has one of two types: internal or external. Internal clouds reside within an organizations network security perimeter and external clouds reside outside the same perimeter.

Monday, May 4, 2009

USA.gov "Flips the switch" to Cloud Computing

Last weekend, USA.gov shifted to a cloud computing platform. This move is expected to reduce infrastructure expenses by 90% and drastically improve flexibility.

"'We are flipping the switch tomorrow to the cloud computing platform, so this is a nervous day,' said Martha Dorris, acting associate administrator for the General Services Administration's (GSA) Office of Citizen Services and Communications, on Friday, May 1. The office operates USA.gov which receives more than 100 million visits per year. Dorris spoke at the 2009 mid-year conference of the National Association of State Chief Information Officers (NASCIO)."


Ms Dorris also highlighted the fact that this was not a technology story, but represented the completion of a "difficult cultural shift for agency staff ".

Provided by Terramark, this also provides an important proof point for government cloud computing.