Each Agency CIO will be required to identify three services and create a project plan for migrating each of them to cloud solutions and retiring the associated legacy systems. Of the three, at least one of the services must fully migrate to a cloud solution within 12 months and the remaining two within 18 months. Such migrations will not be allowed to function as isolated “silo” environments, but will have to be interoperable as well as portable in compliance with standards, yet to be published. The planned migration into the cloud environment will have to be deployed rapidly, while generating cost reductions.
The question is how will Agencies accomplish the stated goals? Migrated one Agency branch at a time? Or, migrate one application at a time? Or, move just the work of one component as a token effort to comply with numerical targets? How much the migration to a cloud environment will be seen as a success? Will five, ten or twenty of an Agency budget be housed as a cloud service after a year?
The solution to these questions can be perhaps found in the concept of migration to a hybrid cloud environment. Software has just become available that provides a link between internal and external clouds that moves virtual machines between a hosted service (public clouds) and an organization's own internal systems (private clouds). Agencies will now have the choice of first migrating into a secure public cloud applications that can be easily standardized, such as e-mail, calendars, collaboration utilities, group communications, documents, spreadsheets, presentations, videos, slide shows, browsers and project management. These would then become Government Standard Utility Applications (GSApps).
Standard applications represent a significant share of the cost of operations of any Agency. Whatever variability in these applications may exist at present is a reflection of the way they were acquired rather than of the functionality they perform. Consequently, migration to GSApps is feasible, while provisions can be made to add features in a few isolated cases where that can be justified.
GSApps would be then delivered in a Software-as-a-Service (SaaS) mode, which would relieve the government of large staffs currently devoted to software development, software maintenance, software upgrading as well as operating personnel that at present mind in-house servers performing these functions. Such reductions in manpower should be also seen as a major gain in government security since GSApps are hosted in highly automated and security assured environments. SaaS would also replace server farms, which would represent a step in the direction of reducing the number of data centers.
If the government embraces GSApps, they would be guaranteed to be interoperable while achieving enormous immediate cost reductions. Of course, compliance with FISMA and conformity with industry security standards would become a prerequisite for choosing the hosting services. Uptime and low latency would have to be assured. Redundant files with the records of all transactions would also have to be provided as a part of the service, including features such as de-duplication.
Migration costs from the prevailing environment, which is now based on Microsoft Exchange of Lotus Notes, would be relatively easy to execute, since several hosting vendors offer conversion software for the translation of addresses and files. Since most of the hosted applications in already imitate the visual experience that customers are used to, minimal training would be necessary.
A hybrid migration into the cloud environment appears to be the best approach to comply with directions outlined by Kundra. A properly configured and reliable SaaS can relieve Agencies of perhaps up to a half of the transaction workload, while reducing servers and operating personnel. However, such a move will require the adoption of standard cloud connector software which will make it possible to subsequently connect Infrastructure-as-a-Service and Platform-as-a-Service cloud adoption for applications that are require DoD to retain complete control over its applications and its databases.