The VA’s highly virtual on-premises infrastructure is based on VMware. The agency recently built a platform on top of its current enterprise cloud system to expand that in-house infrastructure and stretch the multicloud environment to its data centers, Catanoso says.
VMware recently received high impact-level authorization from the Federal Risk and Authorization Management Program (FedRAMP) for its AWS product, and the VA is looking at VMware’s FedRAMP-approved product on Azure when that becomes available, Catanoso says.
The multicloud approach furthers the VA’s efforts to improve access for the veterans it serves. “Cloud enables a high degree of innovation and leveraging of the latest and greatest technology out there,” Catanoso says, “so we can bring that to bear to deliver capabilities to our veterans.”
Cloud Service Providers Keep Multicloud Environments Moving
The key goal in federal IT today is efficiency, especially as agencies work to update legacy systems. A multicloud approach offers no benefit if it creates more work, uses excess resources and duplicates efforts — adding to costs rather than minimizing them. Multiple clouds must work together seamlessly and streamline the interface between on-premises and cloud-based applications while keeping data secure.
“To control costs, improve operational efficiency and make the most of the technology, agencies should take a more holistic approach to managing multiple clouds,” Dassanayaka said during the FedScoop Public Sector Innovation Summit in June.
“Thinking holistically prompts agencies to proactively consider and plan for multiple clouds, while reducing the risks and costs of all the activities involved in managing, securing and governing,” he added.
Cloud service provider tools help agencies manage multicloud environments and broaden their view of “the entire lifecycle of cloud operations,” Dassanayaka says.
This improves efficiency and effectiveness while increasing flexibility to run resources and services anywhere, he says. Agencies can then speed up projects and push out software faster — when, for example, an entire workforce must shift to remote work during a pandemic — without sacrificing performance.
“For each CSP, we leverage some of the cloud-native tools they provide to do things like manage the security and migration of applications into the cloud,” Catanoso says. “At the same time, we also stood up several tools outside the CSP to perform things like governance, performance monitoring, security monitoring and various forms of other management services.”
One tool, Turbot, monitors cloud service configuration settings to make sure they comply with VA policy. “If application teams make a change that they’re not permitted to make, Turbot will detect that, and then we can have it automatically correct the setting on the fly,” Catanoso says, adding that the agency takes that step cautiously. “But that does provide us a degree of security.”
Another tool helps the VA monitor dynamic applications and channel artificial intelligence to its operations teams for software running in the cloud — “a very ephemeral environment,” Catanoso says. The agency plans to expand that tool to on-premises applications as well.
Cloud-enabled Software as a Service solutions range from Microsoft Office 365 for the VA’s virtual desktops to Salesforce for low code/no code applications. The CSPs also provide SaaS, such as Amazon’s database connector, Catanoso says.
Multicloud Environments Require Stronger Safety Measures
Data protection is fundamental, and a multicloud environment should help close security gaps rather than create holes where danger can creep in. The General Services Administration set up FedRAMP in 2011 to standardize security and risk assessment for cloud services deployed across the federal government.
Once a CSP receives FedRAMP authorization for the security protocols around its offering for a particular agency, any other federal agency can put that product into use without going through the same review, helping to accelerate the adoption of cloud computing across the government.
“From a security perspective, agencies will be able to support a multicloud environment through understanding the uniqueness between clouds as a key to securing them,” Christina Wilkes, a GSA spokesperson, says.
“Successful agencies supporting a multicloud environment have the opportunity to centralize much of the multicloud process, from procurement to security,” she says. “Centralizing the efforts allows business units to focus on their mission, while allowing experts to provide support to those businesses units.”
Brought to you by: