“The time has come, and the best way for agencies to approach cloud adoption today is simply to get started,” said Derek Strausbaugh, chief digital officer for Microsoft’s DoD team.
When moving into the cloud, it’s important to assemble a capable team early in the process. Getting the right people involved in a cloud project
– and getting input from all stakeholders – is crucial to avoiding unexpected roadblocks. The team should include everyone expected to work with or benefit from cloud technology, including developers, security specialists, IT operators and mission experts.
It’s also important that the core team understands how cloud technology works and its expected impact on mission. “Investing in the workforce is more important than you might think, because expecting them to just pick it up doesn’t work well,” Strausbaugh said.
Resistance to change is by far the biggest non- technology impediment that agencies face when adopting any new technology or work process. Even if you try to do everything right, “cultural blockers” could get in the way.
“There is still a perception that the cloud is a threat to the way things are, but that’s a good thing,” Strausbaugh said. “Doing things the way they have always been done requires a lot of human capital for things like maintenance and monitoring. With the cloud, these tasks can be automated, done more reliably and cost effectively. It’s not about replacing people but elevating their responsibilities so they can focus on things like how to optimize mission outcomes.”
Existing policies also can impede the progress
of cloud adoption. For example, policies for
gaining access to data often vary among programs. Standardizing these requirements makes it easier to build appropriate controls for everything from data labeling and granular data access to just-in-time access – precisely the types of controls that work well in cloud computing environments.
Another “cultural blocker” is the time it takes to procure and deploy technology. The process
of getting an application approved or platforms deployed to run on a Defense network can
take months. It’s simpler and faster to stand up applications in the cloud’s more streamlined and agile environment. Efficiency is particularly important in a large department like the Defense Department, which manages thousands of applications throughout the world.
Then there are the technical blockers. One of
the most problematic is the proliferation of legacy technology, among them mainframes, applications written in long-dead languages and virtual machines. Much of that legacy tech doesn’t work in the cloud. Agencies that rely on legacy technology often are reluctant to let it go.
Virtual machines, for example, were the pinnacle of modern computing at one time. The key is finding a way to bridge the transition, and vendors have many viable options. Microsoft worked with VMware to develop a bare metal service that runs VMware on Azure Compute in the cloud, making
it possible to migrate applications optimized for VMware. While this method doesn’t provide the same level of cost savings and agility as native cloud- built apps, it does allow Defense agencies to reuse their VMware-optimized applications
Security is another potential tech blocker, although it shouldn’t be as much of an issue today because cloud vendors working with the Defense Department must comply with DISA’s Cloud Computing Security Requirements Guide (CC SRG), FedRAMP, and security requirements specified
in the Defense Federal Acquisition Regulations (DFARS). Some vendors also must comply with requirements of the International Traffic in Arms Regulations (ITAR).
When workloads move to the cloud, cloud providers become responsible for the physical security. A secure software-defined network handles the ingestion and departure of data between DoD and the cloud. Depending on the type of cloud services used, cloud providers can also become responsible for the security of the presentation and application layers. This makes it