Nov 30 2020

Moving from Cloud First to Cloud Smart for State Governments

The federal Cloud Smart strategy provides a roadmap to greater flexibility in cloud deployments for state IT leaders.

In the early to mid-2010s, state governments followed the lead of the federal government and adopted Cloud First policies to speed up adoption of cloud computing technologies. Now, as the 2020s unfold, state government IT leaders are again taking a page from the federal playbook and are pivoting to Cloud Smart policies.

They are shifting from a stance that sees the adoption of cloud solutions as the first and best approach to take when modernizing applications. Cloud Smart policies are intended to give states greater flexibility to determine which apps make the most sense to be run in cloud environments.

“Federal guidance, such as Cloud Smart, can be useful in several ways specifically to state and local governments,” Ann Dunkin, CTO and strategist for state and local government at Dell Technologies, said during an April webinar, according to MeriTalk.

“When I was a federal CIO, I often found policy coming down to be helpful because it provided me with guidance and some leverage and opportunity to help reinforce my point,” said Dunkin, the former CIO of the U.S. Environmental Protection Agency. “It’s simply an opportunity to see good ideas and a roadmap to a path forward for certain local leaders to follow.”

What Are Cloud First Policies?

In February 2011, at a time when cloud adoption was still nascent in government, the Obama administration adopted Cloud First, a policy to accelerate adoption of cloud computing technologies.

The U.S. CIO at the time, Vivek Kundra, reasoned that cloud technologies could “significantly help agencies grappling with the need to provide highly reliable, innovative services quickly despite resource constraints.” He stated that it would be the policy of the federal government to require agencies to “evaluate safe, secure cloud computing options before making any new investments.”

In the year that followed, state governments followed suit, such as Colorado, which laid out a Cloud First policy in its fiscal year 2012 playbook initiative. “Colorado is making a deliberate and explicit commitment to cloud services,” the policy said. “We will proceed with the presumption that new services, applications and major revisions to existing ones will be supported in a cloud based environment first, unless there are significant reasons why they should be hosted on the State’s private infrastructure.”

Hawaii did the same in December 2014. “Hawaii is among the first states in the nation to implement a ‘Cloud First’ policy for IT projects,” Gov. David Ige said at the time. “Governments around the world are becoming more efficient and cutting costs by reducing duplication and pursuing consolidation of resources and processes through shared-service capability. This is core to Hawaii’s cloud computing and IT consolidation initiatives and will help our state conduct business in a more modern and efficient, business-like way.”

LEARN MORE: How can Mainframe as a Service help state governments?

What Is a Cloud Smart Strategy?

In September 2018, the White House Office of Management and Budget released an updated federal cloud computing strategy, dubbed Cloud Smart, signaling a pivot away from the Cloud First era.

Suzette Kent, the U.S. CIO at the time, told reporters that Cloud First was introduced “at a time when cloud was still new,” according to FedScoop, and many agencies “were kind of early in their journey in adopting those technologies, and we learned a substantial amount within the federal government.”

OMB said when introducing Cloud Smart that many agencies were slow to adopt the cloud because there was no clear implementation plan or strategy. The private sector’s cloud technologies “have significantly advanced” since then as well, OMB noted.

The Cloud Smart strategy encourages federal agencies to use cloud technology where it meets their mission needs and conceive of the cloud “as an array of solutions that offer many capabilities and management options to enhance mission and service delivery.”

Agencies should be “equipped to evaluate their options based on their service and mission needs, technical requirements, and existing policy limitations,” the policy states. Further, computing and technology decisions should also consider how users will be impacted, balanced against costs and cybersecurity risk management.

Agencies must consider “the long-term inefficiencies of migrating applications as-is into cloud environments against the immediate financial costs of modernizing in advance or replacing them altogether.”

The policy notes that federal agencies will rationalize their application portfolios to drive federal cloud adoption. This will involve reducing their application portfolios by both “assessing the need for and usage of applications” and “discarding obsolete, redundant, or overly resource-intensive applications.” Agencies will then be free to focus on improving service delivery by optimizing their remaining apps.

The Cloud Smart strategy is founded on three key pillars: security, procurement and workforce. “Collectively, these elements embody the interdisciplinary approach to IT modernization that the Federal enterprise needs in order to provide improved return on its investments, enhanced security, and higher quality services to the American people,” the policy states.

MORE FROM STATETECH: What does software-defined everything mean for state governments?

How to Go from Cloud First to Cloud Smart

State government IT leaders took notice of the shift in approach from the federal level and indicated they, too, would be rethinking their approach to the cloud. The key to shifting from a Cloud First to a Cloud Smart strategy lies in granting the government agencies wider latitude in determining which applications to move to the cloud, in line with the agency’s business objectives.

During the 2019 National Association of State Chief Information Officers (NASCIO) Midyear Conference, Montana CIO Tim Bottenfield indicated that he never saw the state as a Cloud First player.

“Montana was never in that situation,” Bottenfield told StateScoop. “We have even to this day, too, really stellar and state-of-the-art data centers. In the early years of those data centers, which goes back seven or eight years, there was really almost a no-cloud stance. We’ve certainly morphed out of that now.”

Bottenfield indicated he wanted to maximize flexibility. “We want to be Cloud Smart,” he said. “We know there are applications and services being offered out there that the agencies really need, and maybe we can’t provide all the components of that. So anything that comes through central IT, and working with the agencies especially, we’ll take a look at it in several different categories.”

At the 2019 NASCIO Annual Conference, state IT leaders indicated that their thinking had evolved from the early 2000s.

Yessica Jones, then the CTO of Arkansas, noted that the state, as part of a data center consolidation, was evaluating what would be ideal to shift to the cloud and which applications were better left in on-premises environments, reports Government Technology. The state would be working on a policy she called “cloud right.”

At the same conference, North Dakota CIO Shawn Riley told Government Technology he took his state from “cloud never” to Cloud First overnight when he took office. However, Riley said that Cloud First does not mean every application should be moved to the cloud, essentially adopting the Cloud Smart approach.

“It’s Cloud First as we look at the environments and say, does this really meet the needs, does this have the cost-effectiveness, does it give us the empowered utility of the toolset that we want to have?” Riley said. “If it does, we’ll go cloud. If not, maybe an on-prem solution will be the right choice.”

EXPLORE: How has the pandemic opened doors for cloud-based data collection and analysis?

Moving to Cloud Smart Action Items

At the federal level, the Federal CIO Council established 21 action items for federal agencies to take regarding the Cloud Smart strategy. Many are not necessarily applicable to state governments, but some are.

For example, the strategy calls for the development of ways to optimize agencies’ use of cloud services.

This can be done by “determining and sharing best practices in cloud performance measurement, migration, and implementation based on leading industry trends,” and “connecting agencies to gain insights into cloud options and access to subject matter expertise, or to review their cloud strategic plans.” Another part of this task is to coordinate to ensure agencies have access to the appropriate acquisition tools and services “pertaining to cloud procurement, migration, and optimization.”

The Cloud Smart strategy also calls for agencies to rationalize their application portfolios to drive cloud adoption. This involves reducing an application portfolio by both “assessing the need for and usage of applications” and “discarding obsolete, redundant, or overly resource-intensive applications.”

Cutting down on application management responsibilities “will free agencies to focus on improving service delivery by optimizing their remaining applications.”

While not all of the federal Cloud Smart directives can be taken at the state level, the new policy does offer a framework for state IT leaders to rethink their approach to cloud computing.

PhonlamaiPhoto/Getty Images