Destination: Cloud first

The August announcement was supported by publication of redacted copies of a Cabinet paper titled ‘Managing the Government’s Adoption of Cloud Computing’ and the Cabinet meeting minutes. This material reveals some interesting insights into the rationale of the decision.

The Cabinet noted, for example, that the Cloud Programme Business Case confirmed:

- that there are significant financial, efficiency, collaboration and innovation benefits to be gained through the coordinated, all-of-government adoption of cloud computing;

- that these benefits are available across a large range of ICT products and services;

- that delaying adoption is resulting in opportunity costs.

Cabinet agreed that “an all-of-government ‘cloud first’ approach be taken for the government’s adoption of cloud computing”, with the Government CIO to be tasked with creating appropriate policy frameworks and standards in collaboration with agencies.

“Cloud first” is explained as “where state services agencies would be expected to adopt approved cloud services either when faced with new procurements, or an upcoming contract extension decision.”

It was noted that the adoption of cloud services, whether hosted onshore or offshore, involves potential risks to the confidentiality, integrity and availability of government information and that appropriate risk and assurance frameworks will need to be developed.

It was agreed that office productivity services will be the first set of services to be deployed and that these be hosted onshore, for the time being, and be initially implemented in a small number of agencies with subsequent deployment across the state services and the wider state and public sectors.

While there is still only limited actual adoption of cloud services in New Zealand agencies, the government has recognised the imperatives for creating a positive bias to decision making in favour of the cloud computing model.

Australia: “cloud when we, and it, are ready”

The New Zealand government’s position on cloud services shows more policy leadership than the Australian government – which has to date adopted a conservative policy stance.

The Australian Government Information Management Office (AGIMO) has been evolving its policy position on cloud computing since publishing a Cloud Computing Strategic Direction paper in April 2011.

Much has been achieved to lay the foundations for cloud services adoption. A series of better practice guidelines documents have been published, covering privacy, legal, financial and record keeping compliance considerations as well as community cloud governance and a guide to implementing cloud services. A procurement panel contract arrangement for cloud services was launched in October - called the Data Centre as a Service (DCaaS) Multi Use List. This arrangement caps cloud services contracts at A$80,000 and 12 months duration, and requires agencies to submit requests to purchase cloud services to AGIMO for processing. These arrangements apply the full weight of traditional ICT procurement bureaucracy to cloud services and position AGIMO as a centralised gatekeeper.

Formally, the Australian policy position is “that agencies may choose to use cloud computing services where they provide value for money and adequate security”. This can be characterized as a “cloud neutral” policy stance … or perhaps “cloud when we, and it, are ready”. From a managerial perspective, discretion is often the better part of valour – but is it good leadership?

When this cautious stance is combined with the publication of documents which are primarily concerned with describing the new potential/theoretical risks and issues of cloud services, and controlling cloud procurement, the practical effect is that the position is interpreted by agencies as “cloud last”. AGIMO is acting as the metaphorical “man with the red flag walking in front of the motor car”. This approach creates many reasons for agencies to “play it safe” and avoid or defer cloud adoption until its maturity is demonstrated in other jurisdictions with a more positive bias for innovation such as the US … and New Zealand.

It is perhaps not surprising, therefore, that there has been minimal adoption of cloud services by federal government agencies – and hence little ‘hands on’ experience has been gained 18 months after the publication of the cloud strategy. Both AGIMO and agencies still regard cloud services as unproven and risky and hence the policy guidance reflects a focus on the largely theoretical new risks and issues of cloud services. Without practical experiences of the benefit/risk trade-offs it is all too easy to fixate on the potential new risks of cloud services – while continuing to sweep the clear and present dangers of the status quo under the carpet.

Cloud services drive innovation … not just procurement reform

I commented in an article published in 2010 that Australia was “asleep at the wheel on the need to link the government procurement and industry development agendas” in regard to cloud services. It has been incongruous for some time that the government has adopted a hyper conservative policy position on cloud service procurement at the same time as spending billions on the National Broadband Network to rev up the digital economy. The need for more proactive policy leadership was recognised recently by Australian Prime Minister Julia Gillard in response to discussion at a Digital Economy Forum in October. At the conclusion of the forum she requested the Minister for Broadband, Communications and the Digital Economy, Stephen Conroy, to develop a national cloud computing strategy. This is being led by senator Conroy’s department and is expected to be considered by the government in early 2013.

It is becoming increasingly clear that cloud services, combined with mobility and data analytics, is one of the core innovations driving the digital economy globally. Australia and New Zealand are small nations in a game that is being driven by the massive scale of global corporations. It is probably inevitable that we will eventually become net consumers of cloud services, but there is no reason why we cannot also create robust domestic cloud services and sell them to ourselves and the world. We need to accelerate the rate at which we learn how to use cloud services to drive productivity and innovation in government and industry. This will also accelerate the development of skills for both adding value to global cloud services locally and for launching locally-based cloud services fit for both the domestic market and for export. Putting government’s demand on the table is one way to accelerate the rate at which cloud skills grow in the economy.

Thomas Friedman’s 2005 book The World is Flat was written in a pre-cloud era but his insights about the power of technology to create a level global playing field were prescient. Broadband networks, cloud services, anyplace/anytime access on mobile devices and the ability to gain insights from massive real-time data sets are flattening the field of play in ways that we could never have envisioned even less than a decade ago. Both New Zealand and Australia need to learn how to live and prosper in the flat world of public cloud services … the sooner the better.

This is why cloud first is a good policy stance for governments. New Zealand’s cloud first policy stance provides a more visionary and direct challenge to the 20th century ICT procurement practices of agencies and asks “why not cloud?” This is a much more direct catalyst for innovation and will deliver benefits in both the productivity of agencies and the growth of the digital economy.

There are, of course, challenges associated with the transition to cloud services. We need to think differently about data sovereignty, how we frame business requirements and the management of security, integration and counter-party risk. These challenges are a product of the Internet-age. Cloud services are simply the catalyst that is bringing them to a head at this time. We will need to solve them eventually in order to fully participate in the global digital economy, so let’s get on with it.

Is cloud first counter-productive?

Some executives and CIOs express concerns that a cloud first stance can lead to counter-productive, overly simplistic, thinking and activity. If cloud services are seen as a “silver bullet” the result will be disappointment vs. unrealistic expectations and a burst of poorly planned, insecure, non-integrated initiatives driven by vendor hype. The argument is that this will lead to an over-reaction against the cloud model that will, in the end, damage the momentum of enthusiasm for cloud services adoption. Perhaps it is a “tortoise vs hare” situation. Their view is that slow and steady might be the better race tactic.

It is useful, however, to examine the outcomes of the US government’s cloud first policy. The US Government Accountability Office (GAO) issued a report in June that assessed the results of the 2010 Cloud First strategy across seven agencies. The GAO noted that “Agencies have incorporated cloud solutions into their IT and investment management policies and processes, and implemented one or more services in a cloud environment by December 2011.” All seven agencies plan to achieve the target of three services in the cloud by the end of 2013. The GAO found that agencies had faced many challenges in transitioning to the new model, but that guidance work by the National Institute of Standards and Technology (NIST) and other central policy agencies was proving increasingly helpful. They also noted that future cloud computing efforts should feature more rigorous planning and cost/benefit analysis to ensure realisation of the benefits of migration off legacy environments.

Overall, the GAO’s scorecard was quite positive for the implementation of Cloud First. It appeared that the strategy was effective in stimulating a focused burst of organisational learning that had accelerated innovation in ICT procurement and project management. Certainly, the US government, and also the US ICT industry, would not be as far ahead in its cloud thinking and cloud capabilities without Cloud First’s stimulation of hands-on activity and demand for cloud solutions by agencies.

Next: Cloud first is a leadership stance