What Are Cloud First Policies?
In February 2011, at a time when cloud adoption was still nascent in government, the Obama administration adopted Cloud First, a policy to accelerate adoption of cloud computing technologies.
The U.S. CIO at the time, Vivek Kundra, reasoned that cloud technologies could “significantly help agencies grappling with the need to provide highly reliable, innovative services quickly despite resource constraints.” He stated that it would be the policy of the federal government to require agencies to “evaluate safe, secure cloud computing options before making any new investments.”
In the year that followed, state governments followed suit, such as Colorado, which laid out a Cloud First policy in its fiscal year 2012 playbook initiative. “Colorado is making a deliberate and explicit commitment to cloud services,” the policy said. “We will proceed with the presumption that new services, applications and major revisions to existing ones will be supported in a cloud based environment first, unless there are significant reasons why they should be hosted on the State’s private infrastructure.”
Hawaii did the same in December 2014. “Hawaii is among the first states in the nation to implement a ‘Cloud First’ policy for IT projects,” Gov. David Ige said at the time. “Governments around the world are becoming more efficient and cutting costs by reducing duplication and pursuing consolidation of resources and processes through shared-service capability. This is core to Hawaii’s cloud computing and IT consolidation initiatives and will help our state conduct business in a more modern and efficient, business-like way.”
What Is a Cloud Smart Strategy?
In September 2018, the White House Office of Management and Budget released an updated federal cloud computing strategy, dubbed Cloud Smart, signaling a pivot away from the Cloud First era.
Suzette Kent, the U.S. CIO at the time, told reporters that Cloud First was introduced “at a time when cloud was still new,” according to FedScoop, and many agencies “were kind of early in their journey in adopting those technologies, and we learned a substantial amount within the federal government.”
OMB said when introducing Cloud Smart that many agencies were slow to adopt the cloud because there was no clear implementation plan or strategy. The private sector’s cloud technologies “have significantly advanced” since then as well, OMB noted.
The Cloud Smart strategy encourages federal agencies to use cloud technology where it meets their mission needs and conceive of the cloud “as an array of solutions that offer many capabilities and management options to enhance mission and service delivery.”
Agencies should be “equipped to evaluate their options based on their service and mission needs, technical requirements, and existing policy limitations,” the policy states. Further, computing and technology decisions should also consider how users will be impacted, balanced against costs and cybersecurity risk management.
Agencies must consider “the long-term inefficiencies of migrating applications as-is into cloud environments against the immediate financial costs of modernizing in advance or replacing them altogether.”
The policy notes that federal agencies will rationalize their application portfolios to drive federal cloud adoption. This will involve reducing their application portfolios by both “assessing the need for and usage of applications” and “discarding obsolete, redundant, or overly resource-intensive applications.” Agencies will then be free to focus on improving service delivery by optimizing their remaining apps.
The Cloud Smart strategy is founded on three key pillars: security, procurement and workforce. “Collectively, these elements embody the interdisciplinary approach to IT modernization that the Federal enterprise needs in order to provide improved return on its investments, enhanced security, and higher quality services to the American people,” the policy states.
How to Go from Cloud First to Cloud Smart
State government IT leaders took notice of the shift in approach from the federal level and indicated they, too, would be rethinking their approach to the cloud. The key to shifting from a Cloud First to a Cloud Smart strategy lies in granting the government agencies wider latitude in determining which applications to move to the cloud, in line with the agency’s business objectives.
During the 2019 National Association of State Chief Information Officers (NASCIO) Midyear Conference, Montana CIO Tim Bottenfield indicated that he never saw the state as a Cloud First player.
“Montana was never in that situation,” Bottenfield told StateScoop. “We have even to this day, too, really stellar and state-of-the-art data centers. In the early years of those data centers, which goes back seven or eight years, there was really almost a no-cloud stance. We’ve certainly morphed out of that now.”
Bottenfield indicated he wanted to maximize flexibility. “We want to be Cloud Smart,” he said. “We know there are applications and services being offered out there that the agencies really need, and maybe we can’t provide all the components of that. So anything that comes through central IT, and working with the agencies especially, we’ll take a look at it in several different categories.”
At the 2019 NASCIO Annual Conference, state IT leaders indicated that their thinking had evolved from the early 2000s.