Our country needs a federal government that is capable of dealing with our current problems and ...
Federal agencies are increasingly employing secure and scalable cloud solutions to transform how the government operates, and how it provides effective and equitable digital public services.
To understand how agencies are mobilizing cloud computing for public service, the Partnership, in collaboration with the IBM Center for The Business of Government, hosted a series of events in 2022 featuring federal IT leaders. Over the course of three webinars, we heard from the Census Bureau; the departments of Agriculture, Defense and Veterans Affairs; the Federal Emergency Management Agency; the Government Accountability Office; the National Institutes of Health; the National Oceanic and Atmospheric Administration; and the Office of Personnel Management.
This brief offers key cloud computing strategy insights from individuals at each organization, while highlighting the stories of five:
Keys to Successful Cloud Computing
Key Insights Summary
Agencies will be more successful at developing strategy if they understand:
Strategy development and deployment will be aided by:
Cybersecurity is most successful when these key elements of cross-team culture change are in alignment:
A top strategy for optimizing the cloud is to equip the people who use it. To keep them on pace with technology, workforce strategies should include:
Optimizing for cost savings and capacity is aided by an intentional strategy for tracking cloud usage that includes staff or staff time dedicated to:
Photo credit: Shutterstock
In the fall of 2022, Florida was struck by the deadliest hurricane to hit the state since 1935. NOAA aerospace engineer Nick Underwood was at that time aboard a four-engine hurricane hunter aircraft nicknamed Kermit, gathering and transmitting data about Hurricane Ian to cloud databases at NOAA’s National Centers for Environmental Prediction and the National Hurricane Center. There, it was integrated into global weather models and used for real-time hurricane prediction that would enable people to evacuate to safety. Since 2019, NOAA has made it a priority to use data, like that gathered by Underwood, to reduce the severest impacts of extreme weather events.
In 2020, NOAA developed a cloud strategy to better coordinate data across the organization. The agency adopted a multi-cloud solution—combining commercial cloud with government cloud and on-premise private data systems for a hybrid cloud configuration—enabling the agency to manage information that spans “from the sun all the way down the deepest part of the waters,” said Captain Joseph Baczkowski, acting director of NOAA’s Cloud Program Management Office.
In addition to private cloud systems that store data and services on-site, NOAA partners with cloud vendors to democratize its data—from weather data to whale sounds—making it free and open to everyone. “Unlocking the full utility and potential of NOAA’s massive and diverse data” drives the agency’s new cloud strategy, according to a NOAA statement.
A team at NOAA coordinated with the Cloud Acquisition Team at the General Services Administration to create what the GSA calls “a model effort for smart cloud migration.” NOAA’s success came in large part from careful customer-centric planning and collaboration with strategic partners. NOAA knew it needed a system that could serve its multipurpose mission to gather, analyze and publicly share knowledge. Its computing had to be ready to match the conditions where it would be used, Baczkowski said. Important agency work could be stalled or lives endangered if a marine biologist on a boat were to receive an “unable to connect” message or a hurricane chaser needed to spend precious time on a specialized, multistage login midflight.
Armed with these strategic requirements, NOAA used a capability-based acquisition approach—one employing a statement of objectives instead of a statement of work—to guarantee the cloud products and services procured fit the agency’s intended purpose. For example, instead of asking for a specific product using a statement of work, NOAA solicited “cloud storage services that will provide persistent storage, backup service, long-term storage, continuity of operations, and disaster recovery services.” This has resulted in a multiple vendor strategy, whereby NOAA contracts with several different corporate vendors to give the agency optimal flexibility and distributed technical capability. With a mission to serve both the NOAA scientists who collect data and the public that consumes it, NOAA’s strategy had to address both audiences.
In 2022, with commercial cloud capabilities in place, NOAA released its NOAA Open Data Dissemination program, opening the tens of terabytes of data it collects daily (and that includes data about “real” clouds!) and sharing it freely with the public to foster discovery and innovation. Former acting NOAA administrator, Neil Jacobs, attributes the success of such projects to “creative partnerships” with a range of commercial cloud providers, according to a NOAA statement.
Today, NOAA’s commitment to delivering world-class science is buoyed by its innovative multi-cloud strategy.
Photo credit: The Federal Emergency Management Agency
The Federal Emergency Management Agency, whose teams deployed on the ground during 2022’s Hurricane Ian while NOAA scientists were midair, is early in its cloud journey. Its cloud services support first responders who need real-time data access to make urgent life-saving decisions, and its cloud-based artificial intelligence and data analysis tools predict disaster scenarios to position resources in advance. FEMA’s response teams, however, still carry their own IT infrastructure into the field.
“We’re going to take all of that out the equation with the cloud,” said James Rodd, cloud portfolio manager in FEMA’s Office of the Chief Information Officer. Cloud adoption paired with sophisticated mobile networking capabilities will enable FEMA teams to respond faster and more efficiently, he added. “Any place we go, any place we serve, we need to improve our response to the citizens,” Rodd said, “and that’s the goal of our cloud adoption.”
A full cloud program will help FEMA speed its response to disasters and enable the agency to rapidly increase capacity when disaster strikes and scale down when the pace of response permits. Its services—from ground support to the FEMA GO cloud-based disaster-response grant system—need to be able to scale up in a matter of hours, during and immediately after disaster situations, to support potentially tens of thousands of survivors.
The agency’s agile framework for full deployment of the cloud includes performance testing, incremental updates and iterative redesign. Early tests revealed performance issues, Rodd said, and those tests, for example, resulted in improvements in latency—the speed at which data travels through a system. Rodd’s tests are aimed to ensure “equitable and exhaustive solutions are in place,” in terms of usability, scalability and security, before all operations are moved to the cloud. FEMA’s tests, Rodd said, also aim to guarantee the transition is frictionless, since cutting someone’s access to data or software during the conversion is simply not an option.
Agile ways of working are relatively new to FEMA, and Rodd’s team is leading the transformation. It will be well worth the process, according to Rodd, as the savings of resources, time and cost anticipated with a thoroughly tested cloud system will ultimately bring “incredibly positive changes” to FEMA offices and field work.
Operating round-the-clock from Puerto Rico to the Philippines, the Department of Veterans Affairs has an always-on global IT infrastructure linking its 1,400 facilities. A secure multi-cloud strategy enables the VA to manage sensitive data at more than 100 major medical centers, and to offer modern, accessible digital services to veterans—of paramount importance given the medical and personal data the VA accesses to serve veterans and their families.
The VA’s Office of Information and Technology aims to be “the best IT organization in government” with a vision-driven, people-focused, security-first approach. Recognizing the importance of collaboration to enhance its expertise, the VA created a unit within its infrastructure operations group, called Application Hosting, Cloud, and Edge Solutions. The group aims to help organize the department’s cloud administrators into one common corps to deliver coordinated and consistent service. At the VA, security has been “baked in” by design from the beginning, said David Catanoso, acting director of the unit, and continues to drive the department’s cloud strategy and the decisions it makes about cloud architecture.
The unit works from the assumption that it is in a high-threat environment, so the security dimension is “part of our bloodstream now at the VA,” Catanoso said. New daily cybersecurity threats have increased, and these threats are both easier to create and harder to contain. In response, the unit is adopting a calculated approach following the National Institute of Standards and Technology’s “zero trust” guidelines wherein “no implicit trust [is] granted to assets or user accounts based solely on their physical or network location.”
This strategy reflects guidance recommended by all our agency experts: from Timothy Persons, former Chief Scientist at the Government Accountability Office, who described security as “a team sport,” to DOD’s Robert Vietmeyer who finds success in cybersecurity hinges on cross-team collaboration embedded in agency culture.
At the VA, cybersecurity starts at the level of data and moves through the “bloodstream” of its cloud environment: All data entering the VA’s system—from telehealth data to veterans’ financial information—goes through a protocol that protects it “at rest,” within the VA’s information repositories, and “in transit” as it is electronically shared or transmitted to trusted providers.
The department also regulates control of access, authentication and authorization to all VA networks, tools, applications, equipment and physical locations. With its responsive, flexible cloud structures and zero-trust blueprints for cybersecurity accountability, the VA can secure the highly sensitive data it protects.
The Census moved to the cloud in 2020, enabling individuals to account for themselves in the census’s first self-serve online survey. In addition, hundreds of thousands of enumerators, armed with cloud-equipped handheld devices, deployed to neighborhoods in every U.S. state and territory, assigned to count every resident. Due to technological advances made possible by the bureau’s cloud systems, the survey was for the first time available online and in 13 languages.
To achieve this feat and other agency processes, the Census Bureau employs cloud-enabled tools and software-as-a-service models. These “let us focus on providing value by using more of the technology, not spending our time maintaining the infrastructure that supports it,” said Brock Webb, technology strategist for the Computer Services Division in the bureau’s Office of the Chief Information Officer. In Webb’s experience, installing new technology is only 10% of the process; the other 90% is people and culture.
Webb’s human-centered technology strategy, from design to implementation, focuses on the people who use the technology, as he knows people will not adopt new technology if they cannot figure out how to use it. This strategy, Webb told us, led to a roadshow across the agency “to talk about cloud computing and understand the needs and problems cloud might solve from the perspective of the mission and business areas.” Ongoing employee-focused priorities include offering training through the Census Bureau Data Academy, attracting new talent through recruitment to the bureau’s Secure Cloud Team, and adjusting cloud services in response to what the business and mission area partners need.
At the Office of Personnel Management, the strategy for deploying cloud initiatives is also “closely tied to the employee experience and employee enablement” said Akanksha Sharma, senior advisor on human capital technology transformation at OPM. By intentionally empowering their early adopters through training and professional development, OPM is structuring a culture of innovation so that technology, people and practices move forward in tandem.
With modern tools like cloud computing and an empowered workforce, agencies can now better serve the public.
Photo credit: Shutterstock
The National Institute of Health’s cloud strategy unlocks its potential to deliver exemplary science. The NIH’s Science and Technology Research Infrastructure for Discovery, Experimentation, and Sustainability Initiative, or STRIDES, “aims to modernize biomedical research by reducing economic and process barriers in utilizing commercial cloud services,” according to the initiative’s website. The strategy enables science and empowers scientists while also ensuring cybersecurity and standardizing data stewardship.
NIH’s journey with the cloud started several years ago in response to the changing nature of science and biomedical research. With new tools to capture data, from medical imaging to wearable biometrics, the agency collected an unprecedented wealth of data and needed to move their national biomedical research community to the cloud to enable collaboration across datasets. More and better data allow for more and better analysis leading to more informed decision-making.
During the COVID-19 pandemic, for example, the NIH’s cloud environment made it possible for researchers around the globe to collaborate in real time. “When COVID hit, and we first received the genetic details of COVID, our National Library of Medicine, [which] manages a global genomic database, put that data in our cloud STRIDES program and made it accessible to researchers around the world within a day, so that people could begin to do the science,” said Andrea Norris, former chief information officer and director of the NIH Center for Information Technology, adding that the move accelerated the pace of discovery. “Technology has changed the way we do science,” Norris said, and “the cloud is changing the platforms and tools we use to do it.”
NIH’s cloud strategy calls for modernizing standard data practices by mandating data sharing policies within its cloud environment. In January 2023, NIH will require anyone it funds to have a data management and sharing plan, according to Norris. The goal is to couple the equally important values of open access and data privacy—“open access to data with appropriate controls”—to support discovery while ensuring best practices for data security and privacy.
Recognizing that discoveries are enabled by more diverse participation, the STRIDES cloud strategy brings new researchers into the community by reducing barriers to entry. NIH is changing the denominator of who conducts biomedical research, Norris said, broadening it from the pool of researchers at the largest, wealthiest institutions. Now, researchers just need access to the internet to find an abundance of data and findings to advance their work.
Part of that increased access is achieved through cost savings from cloud optimization. Quickly scaling up service to meet need (“rapid elasticity”) and monitoring usage (“measured service”) are two benefits that come with cloud adoption and maturation. By taking advantage of both, the NIH has saved tens of millions of dollars in the three years since moving more than 200,000 terabytes of data to the cloud, Norris reports. Money previously spent on maintaining in-house systems and on unused storage capacity is now shifted directly to NIH research and researchers. More researchers now have greater access to NIH data with more efficiency and in less time at cheaper costs.
Cloud “has had tremendous impact on the kind of science we’re doing, and the kind of innovations we’re seeing,” Norris said. And the agency is only just beginning to optimize the cloud in support of the mission.
Concurrent to our webinar series, the GAO published a report detailing four primary challenges they identified for federal agencies adopting cloud computing practices: “Ensuring cybersecurity; Procuring cloud services; Maintaining a skilled workforce; Tracking costs and savings.” We note these are the same challenges our experts are already facing head-on.
What comes next for agency use of cloud computing? In the short term, our experts predict:
Longer term, these changes could revolutionize how our government functions and serves the people. Digital transformation involves modernizing technology to provide more effective, equitable and accessible services. Carefully developed cloud environments, secure and optimized for performance, provide the foundation for a more modern federal government that offers better service to the public.
The challenge today is designing for tomorrow’s opportunity. The agency stories highlighted above preview the future and forecast what is to come.
Amanda Starling Gould, PhD, manages a portfolio on the Partnership’s Technology and Innovation team with an eye toward building a modern government that is equitable, accessible, and sustainable. As a technology scholar, she brings to this work many years researching and teaching on topics related to systems thinking, futures design, public interest technology, innovation, and the environmental effects of digital technologies.
Federal Chief Technology Officer at ServiceNow and CIO SAGE at the Partnership for Public Service
Acting Director, Application Hosting, Cloud, and Edge Solutions, Department of Veterans Affairs
Former Chief Scientist and Managing Director, Science, Technology Assessment, and Analytics, Government Accountability Office
Senior Advisor on Human Capital Technology Transformation, Office of Personnel Management
Technology Strategist, Computer Services Division, U.S. Census Bureau Office of the Chief Information Officer
Acting Cloud Program Management Office Director, National Oceanic and Atmospheric Administration Office of the Chief Information Officer
Former Chief Information Officer and Director, Center for Information Technology, National Institutes of Health
Cloud Portfolio Manager, Federal Emergency Management Agency Office of the Chief Information Officer
Director for Cloud and Software Modernization, Department of Defense Office of the Chief Information Officer