How NASA Is Finding Success in the Cloud

At NASA's Jet Propulsion Lab, our six-year journey toward cloud computing has been an exciting, sometimes bumpy, but overall rewarding ride. Technologies were easy to adapt and change, but culture and the softer skills were not. Based on JPL's experiences, we offer these suggestions for agencies looking to make their way to the cloud.

Get started right away. Legacy applications are difficult to move to the cloud. A simpler option is a compelling prototype that solves a real business problem, especially one with customers who are impatient to see the prototype finished. Mobile apps are often a good fit. Many agencies have several in the queue waiting for busy IT personnel to tackle them.

Seek out the most compelling use case. The app that succeeds in an initial cloud migration is usually one with a practical purpose (not just an IT experiment). IT leaders should take the prototype all the way through to a bill from the cloud vendor, so the agency can measure its cloud readiness. Here are some use cases in which we saw the largest benefits:

• Mobile applications: Processing and security for these apps run in the cloud. We had success with outreach games running on most mobile devices for which all the processing happens on the cloud provider's servers.
• Collaboration between external parties: The agency can host the application in a neutral location, enable only the needed security and overhead, and easily shut it down once the initiative is complete. We held science workshops using the cloud that allowed us to be 50 percent more efficient with our time.
• Temporary computing capacity: By using a cloud computing solution, we paid 100 times less for the Mars Curiosity rover outreach than for a similar project nine years earlier.
• Innovation and test sandbox: We are using a more secure cloud to prototype and test many new applications quickly and securely. We have gone from weeks to hours in trying new ideas.

Set expectations — excluding initial ROI. Rather than worrying about the initial return on investment of a cloud project, agencies should focus on "return on attention" and speed to market. If a compelling prototype that uses cloud computing gains attention from at least one executive, it is likely to get the investment it needs, and IT leaders can then measure ROI. Simply put, without ROA there can be no ROI. For us, the initial benefits were speed and simplicity. The cost savings came later.

IT should enable the cloud journey. IT staff are in a unique position to promote cloud computing. We do this by:

• Explaining the available cloud options.
• Setting up training sessions and training accounts.
• Providing beginners with free cloud computing access.
• Providing a venue where successful prototypes or implementations and lessons learned can be discussed.
• Implementing vendor solutions.
• Negotiating with vendors.

Design the cloud effort to fit existing policies. If an agency can show its legal and procurement departments that the way the organization uses the cloud is just a variant of an existing policy, IT leaders will have taken a significant shortcut in their journey.

Think through the contracting strategy. An agency's IT leaders should focus not on one contract, but on an overall contracting strategy. We broke our contracting logjam by getting everyone in the room at the same time to decide which areas were important and where we could relax. For example, we don't compromise on owning our data; regardless of what happens, we will get our data back. We also included the vendors in these meetings. This led to a strong partnership among our legal, procurement and IT organizations — and our cloud providers — which has paid innovation dividends ever since.

Establish a Cloud Computing Commodity Board. The CCCB contains members from all stakeholder groups and meets monthly to approve new cloud vendors or new capabilities from existing vendors.

Meet face to face with cloud vendors. Agency personnel should meet in person or by video conference to discuss important issues with their cloud vendor counterparts. This would allow agency finance professionals, for example, to have their questions answered directly by the cloud vendor's finance team.

Determine up front how to pass a compliance audit. To make sure their cloud deployments meet the requirements of various regulations, agency leaders should proactively seek out everyone who will have a say in the audit and ask for their advice. It's human nature to avoid these conversations, but partnering with auditors will help to ensure compliance.

For security, review every application and place it in the most appropriate location. By paying attention to security at the application level, it becomes part of the normal process, and ensures that applications and data are placed in the appropriate cloud environment.

Think hybrid cloud first. For JPL, a seamless hybrid cloud is the goal. This will allow us to place computing and storage for all applications where it is most appropriate and will let us easily scale up and down.

Don't choose between a private and a public cloud; implement both. Every agency has different stakeholders, different time frames and different cost models. Public cloud applications are small bets that can be implemented quickly and inexpensively, with most of the input from the business side, and can be cancelled quickly. Private clouds are big bets that are built, owned and operated by an agency's IT department.

Just do it. IT leaders must avoid paralysis by analysis. They should just pick an application and take the leap — but make sure it's a leap to a prototype, for which the metric of success is that everyone learns something. Reports should be presented frequently, and in a visible and compelling manner.

Today, JPL benefits from cloud computing for both rapid experimentation and mission-critical applications. Cloud is part of everything that we do. Although the trajectory is very positive, we realize we are still early in our cloud journey. We welcome any feedback, as well as opportunities to innovate with other agencies.