Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Connected Government
- Consolidating Mission-critical Systems
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Eliminating the Pitfalls: Steps to Virtualization in Government
- Federal Executive Forum
- Federal Tech Talk
- Government Cloud Brokerage: Who, What, When, Where, Why?
- Government Mobility
- Mission-critical Apps in the Cloud
- Mobile Device Management
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- Understanding the Intersection of Customer Service and Security in the Cloud
Shows & Panels
Make decisions before you decide to move to cloud
Monday - 8/9/2010, 1:30pm EDT
This week, we bring you a special treat — an extended conversation with Mark White, a principal with Deloitte Consulting LLP who works with both the firm’s Federal and Technology practices. He is also the CIO of Deloitte Consulting.
FCB talked with him at length about cloud computing and a variety of issues that are currently facing the industry.
He started by explaining what Deloitte does for the federal government in terms of cloud.
MW: “In talking with our federal clients about cloud, there are two or three different stages in which we find ourselves. There’s still the stage of trying to put some structure around what cloud means, how to actually come to a common understanding and an actionable conversation about it. That’s sort of the first [challenge] — understanding structure frameworks that allow a common basis of understanding and definition and that can allow you to have conversations and make plans that lead to a decisive outcome.
That, a year ago, was sort of the most common part of it. Now, with all of the attention that’s been spent and all of the time that’s been spent, that, while it still goes on, is probably not the most significant part.
The next phase, if you will — or generation of it — is in analyzing strategies and evaluating and helping make plans — plans to do analysis, plans to adopt, in certain cases, plans to expand — that is becoming of the most common of the three phases of the understanding, planning — and then the third phase, which is going to be actual implementation. That is the third phase — implementation of certain aspects.
It’s interesting. One of the points — and, in fact, one of our fundamental planks in the platform about cloud is that it’s technologically evolutionary. The impact on the mission can be revolutionary. So, when I say implementation is beginning to be an area in which we work more with our federal clients, that’s speaking specifically to those things that were originally described as so called ‘cloud’.
When I think about the fact that the technology aspects of cloud are essentially evolutionary in nature, they’re the next logical generation of the technologies and techniques and methods and disciplines we’ve been applying for data center consolidation, virtualization and operations automation.
So, having said that, we have been — and continue — to help our clients with implementation of those technology disciplines and capabilities and tools. It’s those that would, out of the box or from the get-go, have described it as a cloud implementation. That actually is beginning to increase.
FCB: With all of these changes happening — and I know different organizations sometimes have different definitions for cloud — but going based on what you just told me, what are you doing in terms of security. When I talk to agencies themselves, they say, ‘We’re really excited to take this next step, but we’ve got all this data that we don’t want getting out there.’ Talk a little bit about the security aspect and maybe alleviate some of those concerns.
MW: In order to have a common definition of cloud, there are two steps to set the table, if you will. The first step is — what are the characteristics of the mission problem that you’re trying to solve, or perhaps the technology solution you’re proposing? And do those characteristics imply or outline a cloud solution?
We use the five characteristics that NIST has put forward, and if you look around, you’ll see slight variations on a theme, but I think those are perfectly reasonable. . . . So, if your mission problem or your technology solution embodies or implies or needs all five of those, clearly we need to have a conversation about cloud. If it requires fewer than five — maybe three — then perhaps we ought to talk about a more mature technology — utility computing or managed services or even plain old outsourcing.
That’s the first part of having a cloud conversation — what are the characteristics of the problem or solution?
The second part of having a cloud conversation is three dimensions of the answer. The first dimension is the capability, or what kind of cloud: infrastructure-as-a-service, platform-as-a-service, software-as-a-service, or business process-as-a-service. The second is, what source? Is it a public cloud? A private cloud? A hybrid cloud? A community cloud, which actually obviously GSA defined in that RFI coming up on two years ago now. . . . And then the third, and this is may not be quite as familiar because it doesn’t get talked about as much, but we think it’s really important, is — what is the business model?