FCWPerspectives
    42
May/June 2018 FCW.COM
Service guys have done,” a third said. “They don’t give a crap about the net- work. The network is just a commod- ity — no offense to anyone who runs a network. I’m working on the applica- tion layer. I’m working on where the data’s going, discovery and the integra- tion and retrieving of data.”
The commercial cloud infrastructure options are there, the second official said. “It’s cheaper. It’s there. Use it, and bill everyone on top of it.”
Actively exploring such options can force a valuable reassessment of an agency’s existing processes, said anoth- er participant who brought USDS into a civilian agency. “You don’t realize your culture until you have somebody show it back to you. The USDS folks said, ‘Do you know it takes 180 days to spin up an environment around here?’ And I said, ‘Really? Is that too long?’”
As for security, one executive put it this way: “As long as you do it right, if you go to the cloud, you’re more
secure than you were before. You have better visibility into it to see exactly what your environment’s doing, where it used to be, ‘Well, do we have a data center over here?’”
Other participants said that’s one of the core reasons for shared services like Cloud.gov (a platform as a service that handles much of the required secu- rity compliance) and Federalist (a PaaS tailored to hosting and managing web- sites). “We want to take all that burden off you so that you can focus on your mission,” one said.
That participant also argued that the visibility a well-designed cloud service offers can help overcome resistance from IT employees who fear migrat- ing themselves out of a job. There is more important work for them to do “because guess what? Before they were in the cloud, they didn’t know they had 20,000 servers that were unmaintained. Once they’re in the cloud, now they know that they have 20,000 servers. You probably want to keep an eye on that.”
“They will do that with higher-level tools,” the participant added. “They will do that writing software. They will do that with automation. They will figure out how to redeploy their infrastructure from scratch every 60 minutes so that a hacker can’t really gain a foothold. That’s more fun than
figuring out network cabling in a server room, right?”
One executive went further by argu- ing that the government should be running toward software-as-a-service (SaaS) solutions as quickly as possible.
“I hate to be the bad guy in the room,” that participant said, “but everybody who answered is five years behind the times. We talked about how to solve infrastructure. We talked about how to solve platform. We talked about how to solve DevOps and developing software. I don’t even understand why we’re talking about any of that.”
Instead, the executive said, “we need to buy SaaS, just like the commercial industries do, [because then] we don’t have platform problems. We don’t have infrastructure problems. We don’t have to do DevOps. Why are we doing Dev- Ops on an HR system when we could go buy it for $30 a seat?”
Others objected, saying that count- less government systems will never be supported off the shelf. “The software that runs those tanks should never be SaaS-ed,” one quipped.
And even where commercial solu- tions do exist, another noted, “people don’t know what they’re buying when they go out and purchase it, and then they figure out, ‘Oh, I can’t really use this.’ Then they want to modify it. And now you have something that’s modi-