It was a banner year for federal cloud adoption. Cloud services contract obligations were expected to increase by about 32 percent in fiscal year 2018, reaching an all-time high of about $6.5 billion, according to an analysis by Bloomberg Government.
Meanwhile, according to Ashley Mahan, acting director of the General Services Administration’s Federal Risk and Authorization Management Program, 40 new agencies started to participate in FedRAMP in 2018. The program, which authorizes and continuously monitors federal cloud services, released a new framework called FedRAMP Tailored to streamline the authorization process. And Mahan, during a panel on Dec. 4 at the FedScoop Public Sector Innovation Summit in Washington, D.C., said there was a 60 percent increase in FedRAMP-authorized cloud products from 2017 to 2018.
So where is the federal cloud market going in 2019? The panelists suggested that hybrid cloud models, mixing public and private clouds, will become more popular, as will multicloud environments.
The Office of Management and Budget’s new Cloud Smart strategy emphasizes that agencies should use cloud tools that help them meet their mission needs, and does not specify whether they should use public or private clouds. The speakers said that they expect agencies to continue to mix public cloud with existing on-premises architectures rather than making wholesale migrations to public cloud.
“There’s going to be more hybrid cloud solutions out there. Given, done,” said Small Business Administration CIO Maria Roat. “We’re already working on an option at SBA. So, while there’s hybrid solutions, we are already managing our entire on-prem facilities, as well as all three of our cloud environments from cloud-based tools. We are doing all of that now.”
A Hybrid, Multicloud World Awaits Feds
Mahan said FedRAMP is "primed and ready" for agencies to move into multicloud environments. Notably, she said roughly 65 cloud products could receive FedRAMP authorization in 2019, including a mix of hybrid tools to help more agencies use compatible capabilities, as FedScoop reports.
“I truly believe that cloud is becoming that new normal across the board,” she said. “I’m really excited. I’m hearing a lot of hybrid cloud approaches, strategy from some different government organizations, as well as some multicloud approaches.”
Francisco Salguero, deputy CIO at the Agriculture Department, said hybrid cloud solutions can help agencies overcome hurdles to adoption, including compliance and data security regulations.
“Part of the reason it’s been so slow to adopt is because some of those legacy applications aren’t built for the cloud,” he said. “So, that’s where the hybrid and having the connection of multicloud becomes very important.”
Application rationalization strategies help agencies rebuild their apps for the cloud, Salguero noted. “When you start rebuilding, that multicloud type of environment becomes important so they can take advantage of not only cloud technology, but also the change in business process,” he said.
Roat said that the SBA’s cloud strategy has evolved over the past two years and the agency has rebuilt its cloud architecture twice. Along the way, the SBA has learned valuable lessons. The hurricanes of the past several years forced the SBA to spin up services rapidly in the cloud as small businesses devastated by hurricanes Harvey, Irma and Maria used the SBA for services. At one point, the SBA added 5,000 users in two months.
Roat added that she tells her staff to be creative in overcoming security challenges for the cloud because her agency must be nimble to help small business owners.
“Figure it out, because I need to get the right solutions for my business,” she said. “That solution could be a multicloud, hybrid approach, whatever that might be, but it’s about getting to the right solution and doing it securely. We’ve got 30 million businesses’ worth of data at SBA, we have to do it securely. We have to have those solutions in there, and if it’s a multicloud approach or a hybrid cloud, great.”