Clear cloud procurement standards needed for federal government

As federal agencies continue to turn to cloud integration for a wide range of IT services, it is becoming increasingly clear that greater standardization is necessary. Recently, the nonprofit TechAmerica Foundation asserted that the federal government should take steps to develop procurement standards, InformationWeek reported.

Procurement issues
The news source noted that the most recent TechAmerica Foundation guide emphasized the need for common evaluation methods among federal agencies when it comes to cloud services. This guide suggested that agencies follow such commonsense best practices as mapping priorities and then identifying fitting business cases. These business cases should take into account costs, performance objectives and requirements.

Throughout this process, cybersecurity should remain a focal point, the source explained. Every agency has its own security requirements, and every cloud service has its own security offerings. Decision-makers need to find the right match when pursuing cloud integration.

"[T]he path to effectively and efficiently utilizing the cloud is not an easy one. Individual agencies have different requirements and demands of their cloud solutions, and as such it can sometimes be difficult to correctly procure cloud services," the report stated, according to the source.

InformationWeek noted that this 30-page guide reinforces the "cloud first" policy declared by the Office of Management and Budget in 2010. This policy called on agencies to pursue cloud solutions rather than building additional data centers whenever possible. Many agencies have made progress in this capacity, including the Department of Health and Human Services, Department of the Treasury and Department of Defense.

Concerning the DOD, Congress recently saw the introduction of legislation that would further accelerate cloud integration in this department. Aligning with the TechAmerica Foundation report, the proposed legislation would more thoroughly define security standards for potential cloud services.

"This legislation will allow DOD to take full advantage of the cloud services and best practices from both the government and commercial sector, which will, in turn, decrease costs, increase accessibility and allow for a more secure system overall," said Rep. Niki Tsongas, D-Mass., Gov Info Security reported.

The TechAmerica Foundation guide also recommended that federal agencies take their cue from the private sector. However, the organization pointed out that many private sector firms have also struggled to make optimal adoption decisions in regard to cloud services. Additional third-party assistance may be necessary to effectively pursue greater cloud integration.