Showing posts with label CLOUD COMPUTING. Show all posts
Showing posts with label CLOUD COMPUTING. Show all posts

Sunday, February 17, 2013

DEPARTMENT OF DEFENSE CONNECTIONS

FROM: U.S. DEPARTMENT OF DEFENSE
DISA Highlights Increase in Use of Collaboration Tool
By Amaani Lyle
American Forces Press Service

WASHINGTON, Feb. 12, 2013 - Use of a Web-based application designed to offer an information exchange environment for Defense Department users has grown markedly as defense spending cuts loom, Defense Information Systems Agency officials said.

Since 2007, Defense Connect Online has been the "go-to" mechanism among several new enterprises within DOD's networks that entrust remote services with a user's data and software through cloud computing.

Defense Connect Online is the designated enterprise tool allowing DOD partners to collaborate on either classified or unclassified networks, said Alfred Rivera, DISA's director of enterprise services.

"It's been the department's way of providing collaborative solutions ... for online meetings, document sharing, white-boarding and voice-over-internet-protocol (VOIP) capabilities, to include chat," Rivera said.

John Hale, DISA's chief of enterprise applications, said DCO is the Web-based solution fielded within DOD's private cloud so information can be exchanged among mission partners. "It really has been a facilitator of collaboration, ... including the ability to chat live with each other while you're doing it," he said. DCO users should note common access card requirements, with the option for non-CAC holder guest participation, Hale said.

As DOD faces an austere budget climate, DISA officials said, DCO and similar enterprise ventures have shown growth by virtue of cost savings. "We're starting to see a large increase in the use of Defense Connect Online, and in the last 60 to 90 days, there's been unprecedented growth," Hale said.

DISA officials continue to address technology solutions to meet increasing customer demands, Hale said, adding that programmers took necessary steps to ensure data security both at rest and at use within the system.

"The solution was built ... with security in mind, [and] that's one reason it leverages our current DOD private cloud as its native platform, ... because a certain amount of security comes with that environment," Hale said. "As [information technology] increases in complexity and users demand more and more instant capabilities, security is ... at the forefront of everything we do to ensure our nation's defense information is kept safe."

A maximum capacity of 2,000 users in 2007 has since increased to 4,000 concurrent users, Hale noted, but recent demands have accelerated capacity expansion.

"Under normal circumstances, that would be a good model; however, DCO capacity requirements have significantly increased by 33 percent during the last 60 to 90 days," he said.
To address the increased demand, DISA officials expedited a previously planned expansion project, and will double current capacity within the week.

"We will make several system upgrades within six to eight weeks which will allow us to add additional capacity beyond 8,000 in a streamlined fashion, as dictated by mission partner usage," Hale said.

Rivera said Defense Connect Online was DISA's first large endeavor as part of the agency's emergence into enterprise services. Another is enterprise email service. The Army was the first adopter of DOD Enterprise Email (DEE), said Alan Lewis, DISA's program executive officer for enterprise services.

"We currently have over 800,000 users on that system and are growing rapidly," Lewis said. "In the next two months, we'll have 1.5 million users on that system." Users include members of the Army, the Joint Staff and various combatant commands, among other military agencies, Lewis added.

DISA is the main service provider of high-end applications to DOD, its senior leaders said.

"What you're seeing is large growth across the board in terms of the service offerings from DISA to the entire department," Lewis said, noting plans to integrate mobile capabilities into all platforms.

Rivera said collaboration with the Army to determine whether or not the ventures were fiscally sound were worthwhile. "The results indicated that the Army would save around $74 million annually when moving to DEE versus them doing it themselves," Rivera said.

With an expected 1.4 million Army users taking advantage of DEE, other enterprise services such as the DOD Enterprise Portal Service and DCO consolidate common usage applications into large-scale platforms to bring cost savings to taxpayers, Hale said.

"Every organization is trying to save as much as possible to meet their mission needs," Hale said. "By offsetting the cost for these common services that everybody expects [and] using enterprise services, it allows organizations to focus their dollars back into their mission."

Rivera expressed confidence that Defense Connect Online and similar enterprises will weather the fiscal storm.

"It is one of those efficiency applications that the department can recognize as we look at ... strong budget cuts going on," he said. "This is one of our key enterprise applications that will continue to be a critical element as we move forward in this budget-constrained environment."

Rivera said he expects mission partners to use the enterprise not only for meetings, but also for operational discussions, distance learning and other capabilities.

Tuesday, January 15, 2013

U.S. DOD MOVES TOWARD CLOUD COMPUTING

FROM: U.S. DEPARTMENT OF DEFENSE

DOD Information Technology Evolves Toward Cloud Computing
By Claudette Roulo
American Forces Press Service


WASHINGTON, Jan. 14, 2013 - The Defense Department's information technology infrastructure is on a journey of consolidation, standardization, security and access, the Defense Department's principal deputy chief information officer told attendees at a cloud computing panel discussion today.

The department is reducing the number of data centers from about 1,500 to "a number far below that," Robert J. Carey said, and is implementing a coherent and consistent architecture across thousands of computing environments.

This process is taking place in part because of the current era of fiscal austerity, but also because it makes sense when it comes to securing data within the network, Carey said.

In addition, DOD, along with much of industry, is shifting toward a cloud computing posture: the collection of data and use of related computing services via remote servers accessed through the Internet. Cloud computing isn't without its risks, Carey said, but the department is moving the paradigm of security from the infrastructure to the data layer. This includes continuous monitoring and cryptography, he added.

Concentrating on securing data, rather than an entire network, is "a big shift for a big engine like DOD," Carey said.

As the department implements the joint information environment and delivers a consistent computing architecture -- which Carey noted the department does not yet have -- security becomes the discriminating factor, he said. "The access, the cost -- all those facets of the efficiency of cloud computing -- if it isn't secure enough, it will not serve us well," he added.

Carey said the way the intelligence community secures data on its networks can serve as a model for the Defense Department's joint information environment. "I look at the [intelligence community] and its transformation, and I look at [the joint information environment] and the DOD transformation, and they are very aligned," he said.

There are differences between the two communities, he said. The intelligence community doesn't have to accommodate heterogeneous data security requirements, Carey said, and the network construct within DOD is different. "We're just a little more complex," he said. "But we are working on a plan with them to take the applicable lessons learned ... into our world."

The cloud is secure today, Carey said, but only for certain types of data. In its move to cloud computing, he said, the problem the department faces is progressing from its legacy systems into an up-to-date information environment in an era of cost constraints.

"We're moving at a very deliberate pace," Carey noted. "We have lots of [pilot programs] going on to evaluate these kinds of things and to make sure we understand both the pros, cons and risks of moving into the cloud space."

Whether the department is ready to forge ahead on implementing a new information technology infrastructure hinges on whether it also ready is to make a cultural shift, he said.

"We have to take advantage of what commercial technology is bringing us, but at the same time, make sure that the people that actually ... acquire it for us are able to do so," Carey said.

The DOD IT community tends to try and avoid risk entirely rather than conduct risk management, he said, which is a problem given the rapid pace of information technology development.

"The acquisition corps is working on creating that workforce that's able to understand how fast industry is moving and proceed with a risk-management approach vice a risk-avoidance approach," he said.

Measuring risk in the cloud and the costs of risk response is a difficult task, Carey noted.

"At the end of the day, the metrics of cloud security are, at best, nebulous," he said. It isn't always easy to describe the relationship between risk reduction and purchasing, he added, but it's important for the information technology community to try.

Sunday, September 30, 2012

TRANSFORMING CYBER OPERATIONS INTO CLOUD COMPUTING

Photo Credit:  U.S. General Services Administration 

FROM: U.S. DEPARTMENT OF DEFENSE
Officials Discuss Cybernet Transformation Efforts
By Amaani Lyle
American Forces Press Service


WASHINGTON, Sept. 28, 2012 - Defense officials gathered at the National Press Club yesterday discussed DOD efforts to transform its cyber operations into cloud computing technology that's envisioned to provide added agility, security and cost effectiveness.

Robert J. Carey, DOD's principal deputy chief information officer; Grant M. Schneider, Defense Intelligence Agency deputy director for information management and CIO; and Air Force Lt. Gen. Ronnie D. Hawkins Jr., Defense Information Systems Agency director, comprised the discussion panel at the 3rd Annual Billington Cybersecurity Summit here.

The discussion included presentation of the DOD's cloud computing strategy that transforms the department's redundant and costly current network applications silos to an end state that ideally fosters a more agile, secure, and cost effective service environment.

Cloud computing is a converged infrastructure that allows greater application set-up and speed with improved manageability and reduced maintenance, enabling technicians to more quickly adjust to and protect against threats, officials said. DISA has been named enterprise cloud service broker maintaining mission assurance and information interoperability within the strategy.

The speakers agreed that an enterprise cloud environment offers tangible benefits.

"There's a great recognition in the importance of this space in our business," Carey said. "Going to cloud computing is a product of consolidating and standardizing the infrastructure and [enables us to] really thrive off those savings."

Though developed in an era of fiscal constraint, the strategy also offers a roadmap to the creation of department core data centers, he said, and future budget cycles should include appropriate funding for ongoing cybersecurity growth and training.

"The resources are drawing down and drying up," Hawkins said of current budget concerns. "The true issue ... is that there is ... an initial start-up cost to get there."

Both a consumer and provider of infrastructure services across the intelligence community and DOD, Schneider examined what will likely be required in years to come in order to optimize cloud computing and data consolidation.

"As we drive towards more standardization and more normalization ... at a very tactical level [with] more interconnectivity ... doing it in ways that [are] generally headed in the same direction from enterprise architecture is absolutely critical," Schneider said.

Equally important are the people who will be implementing these strategies and methods, Hawkins said.

"[We've got to] look at standing up the right academic setting," Hawkins said. "We are trying to build that capability from a joint perspective within the cyber workforce."

In training, the overall goal is to teach people to react in what Carey calls "internet speed" with a sharper focus on skill sets rather than rank or professional origin.

"We're moving toward proficiency-based training," Carey said. "Training a defender like an attacker and an attacker like a defender is a really important skill set. It works in football and it'll work in this game too."

Thursday, September 13, 2012

GSA ESTIMATES CLOUD MIGRATING EMAIL ACCOUNTS WILL SAVE $15 MILLION


FROM: U.S. GENERAL SERVICES ADMINISTRATION

Creating Comprehensive Cloud Solutions
Posted by Mary Davie, Assistant Commissioner, Office of Integrated Technology Services on September 12th, 2012

Recently GSA announced the availability of our cloud email solution,
the Email as a Service (EaaS) Blanket Purchase Agreements (BPA), which will allow agencies to order pre-approved cloud based tools for email, office automation, and electronic records management, as well as the migration and integration services necessary for a swift transition leading to rapid savings. The BPAs offer government recurring purchasing options at a reduced cost that are also convenient and efficient.

Cloud based email services support the Obama Administration’s efforts to bring cloud services into the federal government and reduce federal data centers, which save taxpayer dollars. The implementation of 25 Point Federal IT Reform Plan, and "Cloud First" mandates require federal agencies to consider cloud-based solutions the new default IT solution. Everything agencies need to move to the cloud is available through GSA.

Cloud IT represents an innovative way for government to do more with less at a time when federal budgets are shrinking. Agencies can leverage cloud services to become more efficient. We estimate that agencies that use cloud based email will save 50 percent, about $1 million, annually for every 7,500 users migrated. Last year GSA was the first federal agency to make the move to cloud migrating 17,000 email accounts, saving $2 million to date, with an estimated savings of $15 million over five years.

What makes EaaS even more exciting is that it will leverage GSA’s innovative security program, Federal Risk Authorization Management Program (FedRAMP), which uses a "do once, use many times" approach to save agencies time and money by providing a standardized approach to security assessment, authorization, and continuous monitoring.
These new BPAs are the latest cloud offering from GSA, however, we have been working in collaboration with government and industry for years to provide government agencies with a comprehensivecloud solutions portfolio for use by government agencies to save millions of taxpayer dollars. In fact, GSA’s history of providing cloud solutions dates back to 2009.
The move to the cloud has not been easy and there have been some growing pains in the process for both government and private industry providers. Government is experiencing slower migrations to the cloud than anticipated and industry is learning what it takes to meet government mandated security controls. Transitioning to cloud IT is a major shift in the way government conducts business, which means that we are constantly learning lessons and making improvements. And out of those lessons we get great solutions, like FedRAMP, which will make sure that every agency, no matter their mission, can rely on the security of their cloud solutions; and the millions spent by agencies conducting their own security assessments can be avoided.

GSA views technology, specifically cloud technology, as a primary driver to transform how government works while saving millions of taxpayer dollars and driving efficient collaboration. We envision a great government through technology and cloud IT is helping us take a giant leap in that direction.

Friday, August 31, 2012

GSA SAYS GOVERNMENT CAN SAVE MONEY USING CLOUD EMAIL


U.S. GENERAL SERVICES ADMINISTRATION
GSA Announces Cloud Email Services for Federal Government

Blanket purchase agreements streamline cloud transition, saves taxpayer dollarsAugust 30, 2012

WASHINGTON — Today, the U.S. General Services Administration announced that it is now offering cloud based email services, making it easier for government agencies to move to cost saving cloud services. Through 20 blanket purchase agreements awarded to 17 businesses today, federal, state, local and tribal governments will have access to cloud based email services. Cloud based email services supports the Obama Administration’s mandates and initiatives to bring cloud services into the federal government and reduce federal data centers, which save taxpayer dollars.

"GSA has added another excellent option for agencies looking to rapidly move their email to the cloud to save time, resources and taxpayer dollars," said Mary Davie, Acting Commissioner of GSA’s Federal Acquisition Service. "Our innovative cloud solutions are another example of how GSA offers the best value, low cost services that help agencies serve the American people."

GSA is offering these email services through a blanket purchase agreement with the cloud service providers, which allows for simplified ways of fulfilling recurring needs for these services. Transitioning to a cloud solution lowers the cost of email by up to 50 percent annually and saves $1 million for every 7,500 email boxes. Cloud computing provides flexible platforms that enable increased efficiency, agility, and innovation.

Last year, GSA was the first federal agency to move to a cloud based email system, saving $2 million dollars to date. Over the next five years, GSA will see another 50 percent savings with an estimated $15 million reduction in IT costs.

GSA’s award of these cloud email service contracts allows vendors to provide government entities with email, cloud-based office automation, electronic records management, migration services, and integration services.

President Obama has asked government agencies to leverage cloud services to become more efficient. The implementation of 25 Point Federal IT Reform Plan, and "Cloud First" mandates require federal agencies to consider cloud-based solutions the new default IT solution.

GSA has awarded 20 blanket purchase agreements to 17 cloud service providers, 4 of which are small businesses. The businesses that received these contracts are:

Accenture Federal Services LLC, Autonomic Resources LLC, CGI Federal Inc., Ciracom Inc., Computer Sciences Corporation, Dell Federal Systems L.P., DLT Solutions, General Dynamics Information Technology Inc., Harris IT Service Corporation, IBM Global Business Services, Lockheed Martin, Onix Networking Corp, Science Applications International Corporation, Smartronix Inc., Systems Research and Applications Corporation, Technosource LLC, and Unisys.

Sunday, June 17, 2012

CLOUD COMPUTING, THE NEXT IT REVOLUTION


FROM:  U.S. GENERAL SERVICES ADMINISTRATION
Statement of Dr David McClure "The Next IT Revolution? Cloud Computing Opportunities and Challenges"

STATEMENT OF
Dr. David McClure
Associate Administrator
Office of Citizen Services and Innovative Technologies
General Services Administration
BEFORE THE
HOUSE SCIENCE, SPACE AND TECHNOLOGY COMMITTEE
SUBCOMMITTEE ON TECHNOLOGY AND INNOVATION
September 21, 2011
"The Next IT Revolution? Cloud Computing Opportunities and Challenges"
Chairman Quayle and Members of the Subcommittee:
Thank you for the opportunity to appear before you today to discuss the General Service
Administration's (GSA) leadership role in ongoing efforts to enable and accelerate adoption of cloud computing across the federal government. Cloud adoption is a critical component of the Administration’s plan to improve management of the government’s IT resources. The reforms underway are enabling agencies to use information more efficiently and effectively, delivering improved mission results at lower cost.

Cloud computing offers a compelling opportunity to substantially improve the efficiency, agility and performance of the federal information technology portfolio. It allows agencies to pay only for the resources they use in response to fluctuating demand, avoid the expenses of building and maintaining costly IT infrastructure, and control the appropriate level of security for data and applications. Cloud computing is also a key technology for achieving cost effective IT. In fact, agencies have already started to realize numerous benefits as they begin to adopt cloud computing across their programs. These include cost reduction, faster deployment of systems and applications, increased productivity, greater flexibility and scalability and improved self-service capabilities. As agencies consolidate and virtualize their data centers, cloud provides an ideal path forward to achieve needed results while substantially lowering costs – an essential focus given federal budget constraints.

GSA is playing a leadership role in facilitating easy access to cloud-based solutions from
commercial providers that meet federal requirements, enhancing agencies’ capacity to analyze viable cloud computing options that meet their business and technology modernization needs, and reducing barriers to safe and secure cloud computing. We are developing new cloud computing procurement options with proven solutions that leverage the government’s buying power, ensuring effective cloud security and standards are in place to lower risk, and identifying and leveraging government-wide uses of cloud computing solutions such as email.

These are highlighted on our web page Info.Apps.gov, which provides useful information about cloud computing and available solutions. The Administration’s efforts to apply rigor to information technology management and foster cloud adoption is framed by several key guidance documents and policies, including the OMB 25 Point Implementation Plan to Reform Federal Information Technology Management and the Federal Cloud Computing Strategy issued by the federal CIO’s office. The initiatives being implemented in response to these documents are making significant progress tackling long standing challenges in the way IT is acquired and managed. These reforms are also meeting the Administration’s goals to make government more responsive, operationally effective, cost efficient, transparent, participatory, collaborative, and innovative for the citizens it serves.

The Subcommittee asked that I address the four questions outlined below.
(1) Please provide an overview of how the General Services Administration (GSA) is
implementing the Office of Management and Budget’s (OMB) 25 Point Implementation
Plan to Reform Federal Information Technology Management, the OMB Federal Data
Center Consolidation Initiative, and the Federal Chief Information Officer’s Federal
Cloud Computing Strategy. GSA plays a central role in realizing the goals set forth in the Administration’s initiatives and strategies to reform IT management, consolidate data centers and implement cloud computing  Below are the primary initiatives underway to achieve the policy goals of Data Center Consolidation, the Cloud Computing Strategy and the specific objectives of the 25 Point Plan. Below is an overview of the work we are conducting to support specific objectives of the Federal IT Reform Strategy. Each objective of the 25 Point IT Reform Plan for which GSA is directlyresponsible is identified in bold; the specific section is in parenthesis.Complete detailed implementation plans to consolidate at least 800 data centers by 2015.

(#1)
Create a government-wide marketplace for data center availability (#2)
The Federal Data Center Consolidation Initiative (FDCCI), managed jointly by GSA and OMB, is charged with reversing the federal government’s explosive data center growth to optimize and improve efficiency of federal IT infrastructure. The FDCCI is chartered to engage with agencies, support and facilitate agency data center consolidation planning, and to provide tools to federal partners.

Under the FDCCI, GSA is accomplishing the following:
Working with a government-wide task force co-chaired by DHS and DOI that meets
monthly and includes representatives from all 24 CFO Act agencies.

Assisting agencies to maximize the return on investments for data centers to remain in
their inventory after consolidation Ensuring consistent data collection of the federal data center inventory by developing
and disseminating standard templates to collect, manage, and analyze agency data
center inventory data.

Collaborating with industry on best practices and solutions for key data center
consolidation issues. Developing a comprehensive data center Total Cost Model for agencies to use to
analyze alternative consolidation scenarios, enable data-driven decision-making for
infrastructure cost and performance optimization.

Pursuing development of a data center marketplace that would help optimize
infrastructure utilization across government by matching agencies with excess
computing capacity with those that have immediate requirements. A working group is
addressing consensus-building, requirements gathering, and other key facets necessary
to ensure the marketplace’s success. Stand up contract vehicles for secure IaaS solutions

(#4)
IT infrastructure represents a multi-billion dollar investment that requires constant maintenance, expensive technology upgrades, and dedication of valuable personnel. Agencies are faced with outdated infrastructure requiring ongoing, major investments to keep pace with growing demand and rapidly changing technology. Servers across both government and industry are highly underutilized. To address these issues, GSA’s Federal Acquisition Service (FAS) established a Blanket Purchase Agreement (BPA) with 12 companies (many with multiple partners) that offer cloud storage, computing power, and cloud-based website hosting as commodity services that enable agencies to optimize their infrastructure and achieve substantial, long-term cost savings.

Under these Infrastructure as a Service (IaaS) contracts, agencies pay only for what they need, define performance requirements, have the flexibility to respond to changing demands, benefit from commodity pricing, and are assured of secure solutions. At present, four contractors are offering services under the BPA, with the remaining completing the security authorization process. DHS has recently awarded a task order under this BPA for the consolidation and migration of its public facing websites to a cloud hosting service. Stand up contract vehicles for commodity services

(#5)
Working closely with email and collaboration experts from across government, GSA developed a government-wide contract vehicle to help agencies move email and collaboration solutions to the cloud. The Email as a Service (EaaS) BPA is an active procurement managed by FAS; responses are currently being evaluated. It will offer federal customers a streamlined procurement vehicle to commercially available cloud email solutions that best fits their agency's needs. Based on information from Forrester Research, average cost savings for agencies migrating to cloud-based email are expected to be $11/mailbox/month, $1 million in annual savings for every 7,500 users, or approximately 44% over existing on-premise email solutions.

The BPA will offer a range of email services in public, private, and highly secured clouds,
making available robust, feature-rich, secure email and collaboration service options similar to those currently being implemented at GSA, USDA, USAID, DOE, and other agencies. It can meet the needs of the 15 agencies that have identified 950,000 e-mail boxes they plan to move to the cloud under the Administration’s IT Reform effort. Launch an interactive platform for pre-RFP agency-industry collaboration

(#25)
To streamline the procurement process and enhance communication with industry, GSA is
establishing "cross-trained" program teams and improving the way requirements are defined. GSA is working to establish an interactive platform for pre-RFP agency-industry collaboration. Based on input from government and industry, alternatives for design and delivery of an online collaboration tool have been examined and rated. Candidates for the tool included existing government systems and commercial collaboration tools.

GSA not only is fostering adoption of cloud computing government-wide, but as required under the Cloud First policy, has recently completed a major cloud migration of our internal email and collaboration solution that demonstrates the significant potential of cloud solutions to achieve substantial cost savings. In approximately seven months, we moved 17,000 users to Google Apps for Government. Savings over the next five years are projected to be over $15M. Not only have we reduced costs, but we have also made significant gains in environmental sustainability – we shut down 45 servers, which is equivalent to taking 60 cars off the road. The lessons learned from our cloud implementation have been captured and are being shared with agencies across the government as they seek to achieve similar success.

2. Please provide an overview of the costs associated with implementing these plans at
GSA, and provide a description of both the short-term and long-term budgetary impacts of these changes. To date, GSA’s Federal Cloud Computing Initiative has been funded under the e-Government program administered by the Federal Chief Information Officer. In FY10 and FY11 GSA’s Federal Cloud Computing Initiative (FCCI) Program Management Office (PMO) budget of $4.8 million was allocated to five primary tasks:

Establish procurement vehicles that allow agencies to purchase IT resources as
commodities - resulting in the award of the Infrastructure as a Service (IaaS) Blanket
Purchase Agreement under GSA Schedule 70.

Address security risks in deploying government information in a cloud environment -
resulting in the development of the Federal Risk Authorization Management Program
(FedRAMP)

Establish a procurement vehicle that allows agencies to purchase cloud-based e-mail
services - resulting in the issuance of the Email as a Service (EaaS) procurement that is
currently underway

Work with agencies to consolidate their data center asset - resulting in the Federal Data
Center Consolidation Initiative that works with agencies to inventory their data center
assets and to identify targets for consolidation and optimization

Create apps.gov, an on-line storefront that provides access to over 3,000 cloud-based
products and services where agencies can research solutions, compare prices and
place on-line orders using GSA’s eBuy system.

This initial funding provided by the e-Gov Fund allowed GSA to accomplish significant results. However, there are key activities that still need to be accomplished to realize the significant, additional potential cost savings and productivity improvements that GSA can help agencies achieve. The continuation of these cost-saving initiatives is dependent on FY12 eGov Fund budget levels and decisions.

3. What cybersecurity steps is the GSA taking to protect federal data and communications in the cloud? To what extent does GSA work with NIST on the development of cybersecurity standards for federal cloud computing use?

The primary goal of the Administration’s Cloud First policy is to achieve widespread practical use of secure cloud computing to improve operational efficiency and effectiveness of government. Currently, each agency typically conducts its own security Certification and Accreditation (C&A) process for every system it acquires, leading to unnecessary expense, duplication and inconsistency. According to the 2009 FISMA report to Congress, agencies reported spending $300M on C&A activities alone. Working in close collaboration with DHS, NIST, DoD and OMB and the Federal CIO Council,
GSA is leading establishment of the Federal Authorization Risk Management Program
(FedRAMP) to accelerate adoption of secure cloud solutions by agencies across government.

Key benefits include:
Provides a single, consistent security risk assessment and authorization that can be
leveraged across agencies – an "approve once, and use often" approach

Establishes a common set of baseline security assessment and continuous monitoring
requirements using NIST standards

Approves and makes available qualified, independent third party assessors, ensuring
consistent assessment and accreditation of cloud solutions and based on NIST’s proven
conformity assessment approach

Shifts risk management from annual reporting under FISMA to more robust continuous
monitoring, providing real-time detection and mitigation of persistent vulnerabilities and
security incidents.

There is strong support and demand for FedRAMP from agencies seeking to adopt cloud
services, as required by the Administration’s Cloud First policy, and from industry. FedRAMP's processes, policy, governance, and technical security standards have all been arrived at via a consensus-based approach that includes agencies’ Chief Information Security Officers, the Federal CIO Council, National Institute of Standards and Technology (NIST), Department of Homeland Security (DHS), Department of Defense (DoD), National Security Agency (NSA), and numerous industry organizations. This new program is expected to be initially launched this Fall.

4. What other challenges face federal agencies in adopting cloud computing services,
and what steps is the GSA taking to overcome these challenges?
Considerable progress has been made in adopting successful cloud solutions. Cloud computing’ is now an accepted part of the federal IT lexicon. However, there continues to be a need for more thorough understanding of the cloud’s deployment models, unique security implications, and data management challenges. Agency executives should not focus on cloud technology itself; rather, they should focus on the desired outcome driving the need for cloud adoption.

CIOs need to work with their line of business executives and program managers to develop and deploy effective cloud roadmaps that address pressing agency mission needs, taking into account costs savings and expected performance improvements. Agencies should analyze business needs and identify cloud solutions that best fit their requirements by making cloud adoption part of an overall IT portfolio management and sourcing strategy. NIST is currently working on a Cloud Computing Technology Roadmap that will be released in November. If linked to cloud provider products and services, it would greatly assist in this decision-making.

Cultural resistance is also a major challenge. Cloud adoption requires moving away from
managing physical assets to buying services. As GSA’s own experience has shown, these
issues can be effectively addressed. Critical success factors include robust communication,
practical training and emphasis on the benefits of cloud, and especially on the control agencies gain by buying what they need and defining performance metrics that are tied to desired performance results. GSA found that having a group of early adopters fostered buy-in and enthusiasm, and provided a ready corps of skilled users.

Conclusion
Mr. Chairman, General Services Administration is leading the Administration’s charge to make government more open, transparent, and effective for the citizens it serves. In our increasingly data-centric and network-based world and workplace, effective and efficient procurement and implementation of information technology will be paramount in making sure the federal government closes the IT performance gap between it and the private sector. Cloud computing and data center consolidation are key initiatives that should be pursued aggressively to achieve needed costs savings and improve effectiveness of government operations.

Thank you for the opportunity to appear today. I look forward to answering questions from you and members of the Subcommittee.







Monday, March 26, 2012

U.S. AND JAPAN ISSUE JOINT STATEMENT ON THE INTERNET ECONOMY


The following excerpt is from the Department of State 
U.S.-Japan Policy Cooperation Dialogue on the Internet Economy Third Director General-Level Meeting
Media Note Office of the Spokesperson Washington, DC
March 23, 2012
Following is the text of a joint statement issued by the United States of America and Japan at the conclusion of the United States - Japan Policy Cooperation Dialogue on the Internet Economy.
Begin Text:
On March 22 and 23, 2012, the third Director General-level meeting of the U.S.-Japan Policy Cooperation Dialogue on the Internet Economy was held in Tokyo. Hajime Tonegawa, Director General of the Global ICT Strategy Bureau, Ministry of Internal Affairs and Communications (MIC), and officials representing MIC, the IT Policy Office, the National Information Security Center, the Consumer Affairs Agency, the Ministry of Foreign Affairs, and the Ministry of Economy, Trade and Industry participated in the dialogue from Japan. Ambassador Philip Verveer and officials representing the U.S. Department of State, the Federal Communications Commission, the U.S. Department of Commerce’s National Institute of Standards and Technology, and the U.S. Department of Homeland Security participated in the dialogue from the United States. In addition, representatives from both U.S. and Japanese industry participated in some of the discussions.

Recognizing that the Internet is transforming the global economy and improving the lives of people around the world, participants from both countries concurred that close cooperation and commitment to shared values is essential. During the dialogue, participants exchanged views on important topics in Internet and information and communications technology (ICT) policy, emphasizing the need for openness, innovation, and increased opportunities for U.S. and Japanese industry.
On March 22, industry representatives from both countries submitted a “U.S.-Japan Business Dialogue on the Internet Economy Joint Statement,” which addressed the need for:
(i) Coordination on Internet policy issues;
(ii) Promotion of cloud computing services;
(iii) Continued collaboration on cyber security;
(iv) Promotion of ICT in the public sector;
(v) Coordination on disaster response;
(vi) Internet Protocol version 6 (IPv6) deployment; and
(vii) Cooperation on research development, training, and promotion of digital literacy.
Taking account of the “U.S.-Japan Business Dialogue on the Internet Economy Joint Statement,” government participants from both countries emphasized the need to ensure the free flow of information in order to foster innovation and stimulate economic growth. Participants discussed the following topics:

(1) Internet Policy Issues
(a) Participants reaffirmed the importance of the principles mentioned in the joint press statement of the 2nd Director General-level meeting last year, including:
Preserving the open and interoperable nature of the global Internet, which underpins the global free flow of data; and
Protecting Internet freedom, which includes the freedoms of expression, association, and assembly online.
To advance these principles, participants recognized the importance of:
Coordination on Internet policy issues, including Internet governance, protecting personal information, and protecting children online;
Cooperation on Internet policy issues at international and multilateral fora; and
Encouraging other countries to develop trade principles consistent with the “U.S.-Japan trade principles for ICT services,” finalized in January 2012.
(b) Recognizing the concerns of users about the proper use of personal information by ICT service providers, participants shared the view that service providers should be accountable for protecting users’ personal information, regardless of national boundaries.
Taking note that the European Union (EU) has proposed a new privacy framework, participants emphasized the importance of the Asia-Pacific Economic Cooperation (APEC) Data Privacy Subgroup, which plans to pursue international engagement, including with the EU, to promote the interoperability of regional approaches to data protection.

(2) Development of a U.S.-Japan Cloud Computing Working Group
Participants concurred that they will develop a U.S.-Japan Cloud Computing Working Group at the Director level, which will convene around fall 2012 after identifying key policy issues based on views expressed by U.S. and Japanese industry.
Participants recognized that the adoption of cloud computing services will expand business opportunities and foster economic growth. In addition, participants concurred that cloud computing technology has specific advantages in times of disaster, providing a key infrastructure to help us respond to emergencies and restore our lives.

(3) Continued Cyber Security Cooperation for Commercial Networks
Participants acknowledged the importance of improving cyber security measures, and recognized that international cooperation is imperative to addressing the issue, since cyber incidents cross our borders. Participants concurred that the U.S. and Japanese governments, private sector partners, and research institutions in the United States and Japan, should share information relating to cyber incidents and accelerate collaborative research and development in order to prevent and respond quickly to cyber incidents that may occur. In addition, participants acknowledged their commitment to greater bilateral and international cyber security collaboration.

(4) Promotion of ICT in the Public Sector
Participants recognized the importance of sharing best practices for the use of ICT – including the use of cloud computing technology – in the field of public administration, as well as public-private collaboration for open government.

(5) IPv6 Deployment
Participants recognized the importance of sharing the current status of IPv6 deployment and best practices in both countries, given that companies are beginning to deploy IPv6-based services and products. Participants concurred that they should continue to share best practices and status updates on IPv6 deployment.

(6) Cooperation on Research Development and Training
Participants concurred that they will continue to conduct joint research and development, and exchange personnel, in order to promote the research and development of the New Generation Network (NWGN) / Future Internet.

 (7) Protecting Children Online
Participants recognized the importance of protecting children online. In particular, participants concurred that public-private initiatives, voluntary industry-led efforts, and consumer and business education, are all important complements to law enforcement. Working together, these elements represent the best approach to providing a safe Internet environment for young people. Participants also concurred that further coordination would be beneficial.

(8) Mobile Broadband and Spectrum Auctions
Participants provided an update of their policies on frequency allocation for mobile broadband services and spectrum auctions, and acknowledged the importance of further information sharing.




Search This Blog

Translate

White House.gov Press Office Feed