F E B R U A R Y 8 , 2 0 1 1
Vivek Kundra
U.S. Chief Information Officer
F E D E R A L C L O U D
C O M P U T I N G S T R AT E G Y
i★ ★
TABLE OF CONTENTS
Executive Summary 1
I Unleashing the Power of Cloud 5
1 Defining cloud computing 5
2 Cloud is a fundamental shift in IT 6
3 Cloud computing can significantly improve public sector IT 6
II Decision Framework for Cloud Migration 11
1 Selecting services to move to the cloud 11
2 Provisioning cloud services effectively 15
3 Managing services rather than assets 16
III Case Examples to Illustrate Framework 19
1 Tailoring solution to protect security and maximize value 19
2 Provisioning to ensure competitiveness and capture value 20
3 Re-defining IT from an asset to a service 22
IV Catalyzing Cloud Adoption 25
1 Leveraging cloud computing accelerators 25
2 Ensuring a secure, trustworthy environment 26
3 Streamlining procurement processes 28
4 Establishing cloud computing standards 29
5 Recognizing the international dimensions of cloud computing 30
6 Laying a solid governance foundation 31
V Conclusion 33
Appendix 1: Potential Spending o ...
"Стратегия облачных вычислений правительства США" (VK при участии National In...Victor Gridnev
This document outlines the Federal Cloud Computing Strategy. It defines cloud computing and discusses how cloud computing can significantly improve public sector IT by increasing efficiency, improving asset utilization, reducing duplication, accelerating data center consolidation, and making IT simpler and more productive. Cloud computing also improves agility by allowing services to be more responsive to changing needs through rapid scaling. The strategy aims to articulate the benefits of cloud computing and provide guidance to support agencies in migrating services.
This document outlines the Federal Cloud Computing Strategy, which aims to accelerate adoption of cloud computing across the US government. It estimates that $20 billion of the government's $80 billion IT budget could potentially be migrated to cloud solutions. The strategy provides a decision framework to help agencies evaluate cloud options and identifies activities to catalyze cloud adoption, such as leveraging cloud accelerators, ensuring security, streamlining procurement, and establishing standards. Overall, the strategy promotes cloud computing as a way to improve government IT efficiency, agility, and innovation through more flexible access to shared computing resources.
This document presents the Federal Cloud Computing Strategy. It aims to accelerate adoption of cloud computing across the Federal Government to improve efficiency and innovation. Cloud computing offers a model where computing resources are provided as a service over the internet, allowing for rapid provisioning and scaling. The strategy provides a framework to help agencies select which services to move to the cloud and how to provision them effectively. It estimates that $20 billion of the Federal Government's $80 billion annual IT spending could potentially be shifted to cloud solutions.
This document outlines the U.S. Federal Government's cloud computing strategy. It defines cloud computing and its benefits, including increased efficiency through improved asset utilization and cost savings, as well as greater agility and innovation. The strategy establishes a "Cloud First" policy requiring agencies to evaluate cloud options before making new IT investments. It provides a framework for agencies to decide which systems to move to the cloud and how to effectively provision cloud services while managing systems as services rather than assets. The goal is to realize an estimated $20 billion in potential savings from migrating suitable systems to cloud solutions and improving public sector IT.
Introduction to Cloud Computing and Cloud InfrastructureSANTHOSHKUMARKL1
Introduction, Cloud Infrastructure: Cloud computing, Cloud computing delivery models and services, Ethical issues, Cloud vulnerabilities, Cloud computing at Amazon, Cloud computing the Google perspective, Microsoft Windows Azure and online services, Open-source software platforms for private clouds.
Across the world, governments are trying to present, in the best p.docxdaniahendric
Across the world, governments are trying to present, in the best possible way, their government services to citizens. Using the new technology is paramount to reduce this interaction through effective and efficient services.
Cloud Computing is a computing concept that is formed from the aggregation and development architecture such as SOA. Its purpose is to provide resources for communication and storage in a secure environment based on the service as quickly as possible, which is virtually implemented, via Internet access.
As the services provided by the e-Government are available via the Internet, so the benefits of Cloud Computing can be used in theimplementation of e-Government architecture to provide better service with the least economic cost.
Many countries have attempted to implement the e-Government based on the functionality provided by Cloud Computing, some of these countries have achieved remarkable success, and others have confronted difficult to make it worked.
This article will explore the use of Cloud Computing in e-Government, identify challenges and benefits of this use, and finish with benchmarking countries that have followed this approach.
Keywords: e-Government, Cloud Computing, Public services, Advantages, Challenges, Benchmarking, European governments, Arabic governments.
1. Introduction
For the past 10 years, the Internet and web services have experienced rapid and significant increases, which generated through their use in all sectors of activity, a high cost of data storage and consumption energy and complexities of implementation and infrastructure solutions.
To remedy this, large organizations have begun extensive studies to reduce these costs and complexities and they deduced the CloudComputing.
Today, Cloud Computing, this new technology, has effectively respond to thousands of their hardware and software needs, and it is considered the topic most requested by academics and research centers related to the field of information technology.
The e-Government among the industries that used the Internet and web services, seeks firstly overwhelming user satisfaction, and others from the implementation of an effective system based on Information Technology. To do this, the e-Government adopted to use the concepts of Cloud Computing.
2. Cloud Computing
2.1. Definition
In 2009, the National Institute of Standards and Technology (NIST) [9] published a definition of Cloud Computing as : "a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction."
This definition was included in the Global Security Mag magazine as "Cloud Computing is a new way of delivering IT resources, not a new technology." Moreover, this concept has been proven in my post in the second edition of the PhD day ...
This document discusses cloud computing and its potential benefits for organizations. It defines cloud computing and describes deployment and service models. The key benefits of cloud computing include lower costs, faster deployment of applications, scalability, and improved organizational agility. However, security, lack of standards, and regulatory compliance are challenges. The adoption of cloud computing is increasing but still early, with most activity from early adopters.
The document discusses government cloud computing initiatives in several countries and organizations. It outlines the US Federal government's plans to transition more IT services and data centers to cloud computing models in order to reduce costs. This includes initial pilots starting in 2009 and a goal of major agency capabilities being migrated to cloud platforms by 2012. Barriers to adoption like security, interoperability and governance are also covered. The economic benefits of transitioning to cloud computing are estimated to be savings of 5.7 to 15.4 times initial investments over a 10 year period.
"Стратегия облачных вычислений правительства США" (VK при участии National In...Victor Gridnev
This document outlines the Federal Cloud Computing Strategy. It defines cloud computing and discusses how cloud computing can significantly improve public sector IT by increasing efficiency, improving asset utilization, reducing duplication, accelerating data center consolidation, and making IT simpler and more productive. Cloud computing also improves agility by allowing services to be more responsive to changing needs through rapid scaling. The strategy aims to articulate the benefits of cloud computing and provide guidance to support agencies in migrating services.
This document outlines the Federal Cloud Computing Strategy, which aims to accelerate adoption of cloud computing across the US government. It estimates that $20 billion of the government's $80 billion IT budget could potentially be migrated to cloud solutions. The strategy provides a decision framework to help agencies evaluate cloud options and identifies activities to catalyze cloud adoption, such as leveraging cloud accelerators, ensuring security, streamlining procurement, and establishing standards. Overall, the strategy promotes cloud computing as a way to improve government IT efficiency, agility, and innovation through more flexible access to shared computing resources.
This document presents the Federal Cloud Computing Strategy. It aims to accelerate adoption of cloud computing across the Federal Government to improve efficiency and innovation. Cloud computing offers a model where computing resources are provided as a service over the internet, allowing for rapid provisioning and scaling. The strategy provides a framework to help agencies select which services to move to the cloud and how to provision them effectively. It estimates that $20 billion of the Federal Government's $80 billion annual IT spending could potentially be shifted to cloud solutions.
This document outlines the U.S. Federal Government's cloud computing strategy. It defines cloud computing and its benefits, including increased efficiency through improved asset utilization and cost savings, as well as greater agility and innovation. The strategy establishes a "Cloud First" policy requiring agencies to evaluate cloud options before making new IT investments. It provides a framework for agencies to decide which systems to move to the cloud and how to effectively provision cloud services while managing systems as services rather than assets. The goal is to realize an estimated $20 billion in potential savings from migrating suitable systems to cloud solutions and improving public sector IT.
Introduction to Cloud Computing and Cloud InfrastructureSANTHOSHKUMARKL1
Introduction, Cloud Infrastructure: Cloud computing, Cloud computing delivery models and services, Ethical issues, Cloud vulnerabilities, Cloud computing at Amazon, Cloud computing the Google perspective, Microsoft Windows Azure and online services, Open-source software platforms for private clouds.
Across the world, governments are trying to present, in the best p.docxdaniahendric
Across the world, governments are trying to present, in the best possible way, their government services to citizens. Using the new technology is paramount to reduce this interaction through effective and efficient services.
Cloud Computing is a computing concept that is formed from the aggregation and development architecture such as SOA. Its purpose is to provide resources for communication and storage in a secure environment based on the service as quickly as possible, which is virtually implemented, via Internet access.
As the services provided by the e-Government are available via the Internet, so the benefits of Cloud Computing can be used in theimplementation of e-Government architecture to provide better service with the least economic cost.
Many countries have attempted to implement the e-Government based on the functionality provided by Cloud Computing, some of these countries have achieved remarkable success, and others have confronted difficult to make it worked.
This article will explore the use of Cloud Computing in e-Government, identify challenges and benefits of this use, and finish with benchmarking countries that have followed this approach.
Keywords: e-Government, Cloud Computing, Public services, Advantages, Challenges, Benchmarking, European governments, Arabic governments.
1. Introduction
For the past 10 years, the Internet and web services have experienced rapid and significant increases, which generated through their use in all sectors of activity, a high cost of data storage and consumption energy and complexities of implementation and infrastructure solutions.
To remedy this, large organizations have begun extensive studies to reduce these costs and complexities and they deduced the CloudComputing.
Today, Cloud Computing, this new technology, has effectively respond to thousands of their hardware and software needs, and it is considered the topic most requested by academics and research centers related to the field of information technology.
The e-Government among the industries that used the Internet and web services, seeks firstly overwhelming user satisfaction, and others from the implementation of an effective system based on Information Technology. To do this, the e-Government adopted to use the concepts of Cloud Computing.
2. Cloud Computing
2.1. Definition
In 2009, the National Institute of Standards and Technology (NIST) [9] published a definition of Cloud Computing as : "a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction."
This definition was included in the Global Security Mag magazine as "Cloud Computing is a new way of delivering IT resources, not a new technology." Moreover, this concept has been proven in my post in the second edition of the PhD day ...
This document discusses cloud computing and its potential benefits for organizations. It defines cloud computing and describes deployment and service models. The key benefits of cloud computing include lower costs, faster deployment of applications, scalability, and improved organizational agility. However, security, lack of standards, and regulatory compliance are challenges. The adoption of cloud computing is increasing but still early, with most activity from early adopters.
The document discusses government cloud computing initiatives in several countries and organizations. It outlines the US Federal government's plans to transition more IT services and data centers to cloud computing models in order to reduce costs. This includes initial pilots starting in 2009 and a goal of major agency capabilities being migrated to cloud platforms by 2012. Barriers to adoption like security, interoperability and governance are also covered. The economic benefits of transitioning to cloud computing are estimated to be savings of 5.7 to 15.4 times initial investments over a 10 year period.
There are five disruptive forces shaping IT today, but none has more wide-ranging impact on all enterprises than the emergence of cloud as a preferred means of service delivery. This article discusses the cloud industry and how WGroup can help give client a competitive advantage using a service delivery strategy and new IT operating models.
Huawei provides an end-to-end cloud computing solution called SingleCLOUD that features a large, flexible platform for resource sharing. The solution includes cloud data centers, applications, and success stories of companies adopting the cloud. Key benefits include reducing costs, improving efficiency, and enhancing data security and management. Huawei's strategy is to migrate telecom services and applications to the cloud to speed digital transformation and build an open ecosystem for partners.
Strategic, Privacy and Security Considerations for Adoption of Cloud and Emer...Marie-Michelle Strah, PhD
Prepared for Ministers and Senior Officials from the Caribbean and distinguished participants and attendees of the Caribbean Telecommunications Union (CTU), the Commonwealth Secretariat, the Organization of American States (OAS), and the International Telecommunication Union (ITU) on the occasion of the Caribbean Stakeholders’ Meeting: The Importance of ICTs and their Impact on Regional Development, May 26-28, 2014 in Port of Spain, Trinidad.
This document discusses the promises and realities of cloud computing. It outlines some of the key promises of cloud computing such as cost savings, increased computing power and automation, and infrastructure simplification. However, it also notes that while technology continues to evolve, users' experiences with the cloud vary and some organizations still question if the cloud can deliver on its promises. The document explores both the positive drivers for cloud adoption as well as areas like data control, performance, and security that are still works in progress.
The DoD is adopting cloud computing to improve mission effectiveness and reduce costs by consolidating duplicative IT infrastructure. The strategy establishes a phased approach to transition to a DoD Enterprise Cloud Environment including optimizing data center consolidation, establishing a cloud infrastructure, and delivering cloud services both within and outside the Department. Challenges include security, operations, and overcoming limitations for disconnected users.
Adoption of cloud computing model in governmenticyhouse
The government plans to adopt cloud computing to meet public demands for e-government services and realize benefits of new technologies. It will incrementally adopt cloud computing, develop software applications suitable for the cloud, and establish platforms and infrastructure to support cloud services. This will allow flexible provision of IT resources and shared services across government agencies. The strategy aims to improve public services, increase efficiency, and reduce costs while supporting local IT industry development.
Cloud Adoption in Capital Markets: A PerspectiveCognizant
For the financial services industry, the adoption of cloud services has become a viable business directive. As firms work to recoup their losses from the recent financial crisis, pay-as-you-go cloud services allow them to focus more on strategic, innovative and revenue-generating endeavors and less on managing routine IT activities and the supporting infrastructure.
This document provides an economic analysis of cloud computing. It begins with an introduction to cloud computing and its benefits over traditional IT models. It then analyzes cloud computing qualitatively in terms of direct cost savings, productivity improvements, and potential for innovation. Barriers to adoption and common challenges are also discussed. The document performs a quantitative financial analysis using models like net present value to compare the total cost of ownership of enterprise data centers versus cloud computing. It reviews several existing cost models and concludes that the total cost of ownership model is best suited for analyzing IT investments in cloud computing.
Cloud computing offers several advantages over traditional in-house IT solutions. It allows companies to cut costs, improve business operations, and gain access to resources without large capital investments. Cloud computing provides scalable, virtual computing resources on demand via the internet. This addresses issues many companies face with traditional outsourcing like lack of transparency, control, and inefficient processes. It allows flexible, collaborative development and testing without security or governance concerns.
Intellectual Point is a Global Information Technology, Training, Consulting and Software Development Company. Intellectual Point provides professional hands-on computer and IT training as well as certifications to prepare you with the marketable skills and knowledge needed for today’s competitive job market.
This document summarizes a study on barriers to government cloud adoption in Ghana. The study interviewed IT personnel from 12 public agencies to identify challenges they may face in adopting cloud computing. Major inhibiting factors identified include lack of basic infrastructure, data security concerns, unreliable internet connectivity, and a general lack of institutional readiness. The study uses the technology, organization and environment framework to classify adoption factors into technological, organizational, and environmental contexts.
Migrating enterprise applications to cloudSougata Mitra
This document discusses migrating enterprise applications to the cloud. It begins by describing the challenges currently facing IT organizations and how cloud computing addresses issues like limited budgets, scaling applications, and ensuring resiliency. It defines key characteristics of cloud computing like metered usage, elasticity, automation, and shifting capital expenditures to operational expenditures. The document then discusses factors to consider for cloud migration like application suitability, security and compliance, and performance. It emphasizes the importance of determining which applications are best suited for the cloud.
In summary, The impact of cloud computing on IT infrastructure support is profound, ushering in a new era of efficiency, agility, and scalability. Organizations must embrace this evolution, redefining their approach to IT infrastructure management to capitalize on the benefits of cloud computing.
A hybrid cloud combines private and public clouds to provide flexibility, agility and cost control. However, operational silos, complex application management and lack of portability limit its effectiveness. To address these challenges, enterprises should unify infrastructure management across clouds with a single control plane. This allows monitoring, managing and orchestrating all environments with the same tools. Choosing a solution like unified cloud management or a unified platform like Kubernetes can provide the necessary abstraction and standardization to improve hybrid cloud operations.
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017Amazon Web Services
In this session, we provide an overview of existing cloud-ready contracts, such as cooperative, federal, and state directed contracts, and walk through steps on how to choose the right one for your procurement. We compare various cloud-ready contracts by identifying scope, end-user eligibility, and primary service offerings to help you make the right choice for your mission needs. Learn More: https://aws.amazon.com/government-education/
The document discusses the promises and realities of cloud computing. While the cloud promises cost savings, increased computing power, and automation, realities include security concerns, reliability issues, integration challenges, and costs for early adopters. As cloud technology evolves, both expectations and experiences of users are changing. The cloud remains a work in progress, with opportunities and risks that companies must navigate as adoption increases.
Cloud Computing at a Glance, the Vision of Cloud Computing, Defining a Cloud, A Closer Look, Cloud Computing Reference Model, Characteristics and Benefits, Challenges Ahead, Historical Developments. Virtualization: Introduction, Characteristics of Virtualized Environment, Taxonomy of Virtualization Techniques, Virtualization and Cloud computing, Pros and Cons of Virtualization, Technology Examples- VMware and Microsoft Hyper-V.
CSIA 413 Cybersecurity Policy, Plans, and Programs.docxmydrynan
CSIA 413: Cybersecurity Policy, Plans, and Programs
June 2, 2019
Executive Summary
The Red Clay Renovations Employee Handbook is to give general rules about its strategies. The Employee Handbook will fill in as a guide for workers to get comfortable with Red Clay Renovations strategies for "Acceptable Use Policy for Information Technology", "Bring Your Own Device Policy " and "Digital Media Sanitization, Reuse, and Destruction Policy". Red Clay Renovations maintains whatever authority is needed to adjust the Employee Handbook to best suit the organization whenever with no earlier warning to its representatives.
Red Clay Renovations "Acceptable Use Policy for Information Technology" will characterize in subtleties what Acceptable Use is and what it's most certainly not. Every Employee will get his/her duty of the framework accounts, processing resources, organize utilization and will sign and consent to the approach before access is conceded to the system.
Red Clay Renovations "Bring Your Own Device Policy or BYOD" will name every one of the gadgets that are satisfactory as BYOD and the administration of the use of such gadgets. Every worker's gadgets must satisfy the arrangement guideline before actualizing the gadgets into Red Clay Renovation Company.
Red Clay Renovations "Digital Media Sanitization, Reuse, and Destruction Policy" will ensure that any worker of Red Clay Renovation who marked for the BYOD approach has/should sign this arrangement also. Workers need to comprehend the techniques the organization will use to clean off the BYOD.
Acceptable Use Policy
Introduction
This Acceptable Use Policy is for all Red Clay Renovation workers and supplants every single past version. All workers are liable to the terms and states of the Policy. The approach will build up satisfactory and inadmissible utilization of defending the security of information, secure and ensure PC and PCs, the use of system condition and servers, the utilization of electronic correspondences. Additionally Red Clay Renovation gathers, keeps up, and stores individual data to incorporate Mastercard’s, credit checks, building plans and illustrations, customers restorative and wellbeing information.
Red Clay Renovation must be in consistence with the accompanying: HIPPA Privacy and Security Rule, Freedom of Information Act (FOIA), PCI DSS, Privacy Act of 1977, Building Codes and Regulations. It is to the greatest advantage of the organization for all workers to comprehend the Acceptable Use Policy to settle on trustworthy choices before participating in inadmissible utilization of the approach. Any offense with the Acceptable Use Policy could conceivably cause Red Clay Renovation considerable loss of its business and its notorieties. On the off chance that any worker needs more data with this arrangement, they can reach out to the IT department directly.
Policy Content
Utilization of IT Systems
Red Clay Renovation possesses the property rights to all informati.
CSIS 100CSIS 100 - Discussion Board Topic #1One of the object.docxmydrynan
CSIS 100
CSIS 100 - Discussion Board Topic #1:
One of the objectives of this course is to enable students to differentiate between the disciplines of Information Systems, Information Technology, and Computer Science. Oftentimes, these areas overlap and are difficult to distinguish – even among professionals within the industries.
There are some distinctions that become evident, but all too frequently, people do not understand these distinctions until they are already deep within their programs of study. Consequently, many decide that it is too late to pursue a different avenue in the computing world without losing valuable time and money spent on courses that may or may not apply to a different major.
Given the importance of achieving effective planning from the beginning, your first assignment in this course is to delve into the broad areas of Information Systems, Information Technology, and Computer Science and write about your career choice in a discussion board post. This should be your thought process:
· First, define each field (i.e. IS, IT, CS). Understand the similarities and differences.
· Second, determine what jobs are available in each area.
· Third, look at the degree completion plans for each of these programs.
· Fourth, assess your own skills (e.g. Are you good in math? Do you like business? Do you like algorithms? Are you gifted at problem-solving? Do you like learning about new technology? Do you enjoy working hands-on with equipment/hardware/wires?)
· Fifth, (and most importantly) ask God what He wants you to pursue based on your talents, interests, and abilities.
· Sixth, based on your analysis above, what career do you hope to obtain after graduation, and what degree will you pursue to achieve this goal?
To facilitate your research, there are four videos in your Reading & Study folder that will help you understand the differences between the computing fields and become familiar with the job opportunities in each area. Be sure to view these videos first.
The LU Registrar’s home page has information on degree completion plans. Here is a link to all of the currently available ones in the university:
http://www.liberty.edu/academics/registrar/index.cfm?PID=2981
Be sure to look at all of the ones listed for Information Systems and Information Technology. At the time of this writing, Computer Science is only listed under residential degree plans. That does not mean that you should rule out Computer Science as a potential major. You must consider all options and listen to God’s calling upon your life. With God, all things are possible.
Discussion Board Deliverables
Main Post:
In a minimum of 300 words, create a thread in Module 1’s discussion board forum that describes the following:
1. Your desired career upon graduation
2. Why you chose this career
3. Your intended major
4. Your strengths, weaknesses, and interests
5. How the major supports your chosen career
6. How God has led you to reach your decision
7. A Bib.
More Related Content
Similar to F E B R U A R Y 8 , 2 0 1 1Vivek Kundra U.S. Chief Inf.docx
There are five disruptive forces shaping IT today, but none has more wide-ranging impact on all enterprises than the emergence of cloud as a preferred means of service delivery. This article discusses the cloud industry and how WGroup can help give client a competitive advantage using a service delivery strategy and new IT operating models.
Huawei provides an end-to-end cloud computing solution called SingleCLOUD that features a large, flexible platform for resource sharing. The solution includes cloud data centers, applications, and success stories of companies adopting the cloud. Key benefits include reducing costs, improving efficiency, and enhancing data security and management. Huawei's strategy is to migrate telecom services and applications to the cloud to speed digital transformation and build an open ecosystem for partners.
Strategic, Privacy and Security Considerations for Adoption of Cloud and Emer...Marie-Michelle Strah, PhD
Prepared for Ministers and Senior Officials from the Caribbean and distinguished participants and attendees of the Caribbean Telecommunications Union (CTU), the Commonwealth Secretariat, the Organization of American States (OAS), and the International Telecommunication Union (ITU) on the occasion of the Caribbean Stakeholders’ Meeting: The Importance of ICTs and their Impact on Regional Development, May 26-28, 2014 in Port of Spain, Trinidad.
This document discusses the promises and realities of cloud computing. It outlines some of the key promises of cloud computing such as cost savings, increased computing power and automation, and infrastructure simplification. However, it also notes that while technology continues to evolve, users' experiences with the cloud vary and some organizations still question if the cloud can deliver on its promises. The document explores both the positive drivers for cloud adoption as well as areas like data control, performance, and security that are still works in progress.
The DoD is adopting cloud computing to improve mission effectiveness and reduce costs by consolidating duplicative IT infrastructure. The strategy establishes a phased approach to transition to a DoD Enterprise Cloud Environment including optimizing data center consolidation, establishing a cloud infrastructure, and delivering cloud services both within and outside the Department. Challenges include security, operations, and overcoming limitations for disconnected users.
Adoption of cloud computing model in governmenticyhouse
The government plans to adopt cloud computing to meet public demands for e-government services and realize benefits of new technologies. It will incrementally adopt cloud computing, develop software applications suitable for the cloud, and establish platforms and infrastructure to support cloud services. This will allow flexible provision of IT resources and shared services across government agencies. The strategy aims to improve public services, increase efficiency, and reduce costs while supporting local IT industry development.
Cloud Adoption in Capital Markets: A PerspectiveCognizant
For the financial services industry, the adoption of cloud services has become a viable business directive. As firms work to recoup their losses from the recent financial crisis, pay-as-you-go cloud services allow them to focus more on strategic, innovative and revenue-generating endeavors and less on managing routine IT activities and the supporting infrastructure.
This document provides an economic analysis of cloud computing. It begins with an introduction to cloud computing and its benefits over traditional IT models. It then analyzes cloud computing qualitatively in terms of direct cost savings, productivity improvements, and potential for innovation. Barriers to adoption and common challenges are also discussed. The document performs a quantitative financial analysis using models like net present value to compare the total cost of ownership of enterprise data centers versus cloud computing. It reviews several existing cost models and concludes that the total cost of ownership model is best suited for analyzing IT investments in cloud computing.
Cloud computing offers several advantages over traditional in-house IT solutions. It allows companies to cut costs, improve business operations, and gain access to resources without large capital investments. Cloud computing provides scalable, virtual computing resources on demand via the internet. This addresses issues many companies face with traditional outsourcing like lack of transparency, control, and inefficient processes. It allows flexible, collaborative development and testing without security or governance concerns.
Intellectual Point is a Global Information Technology, Training, Consulting and Software Development Company. Intellectual Point provides professional hands-on computer and IT training as well as certifications to prepare you with the marketable skills and knowledge needed for today’s competitive job market.
This document summarizes a study on barriers to government cloud adoption in Ghana. The study interviewed IT personnel from 12 public agencies to identify challenges they may face in adopting cloud computing. Major inhibiting factors identified include lack of basic infrastructure, data security concerns, unreliable internet connectivity, and a general lack of institutional readiness. The study uses the technology, organization and environment framework to classify adoption factors into technological, organizational, and environmental contexts.
Migrating enterprise applications to cloudSougata Mitra
This document discusses migrating enterprise applications to the cloud. It begins by describing the challenges currently facing IT organizations and how cloud computing addresses issues like limited budgets, scaling applications, and ensuring resiliency. It defines key characteristics of cloud computing like metered usage, elasticity, automation, and shifting capital expenditures to operational expenditures. The document then discusses factors to consider for cloud migration like application suitability, security and compliance, and performance. It emphasizes the importance of determining which applications are best suited for the cloud.
In summary, The impact of cloud computing on IT infrastructure support is profound, ushering in a new era of efficiency, agility, and scalability. Organizations must embrace this evolution, redefining their approach to IT infrastructure management to capitalize on the benefits of cloud computing.
A hybrid cloud combines private and public clouds to provide flexibility, agility and cost control. However, operational silos, complex application management and lack of portability limit its effectiveness. To address these challenges, enterprises should unify infrastructure management across clouds with a single control plane. This allows monitoring, managing and orchestrating all environments with the same tools. Choosing a solution like unified cloud management or a unified platform like Kubernetes can provide the necessary abstraction and standardization to improve hybrid cloud operations.
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2017Amazon Web Services
In this session, we provide an overview of existing cloud-ready contracts, such as cooperative, federal, and state directed contracts, and walk through steps on how to choose the right one for your procurement. We compare various cloud-ready contracts by identifying scope, end-user eligibility, and primary service offerings to help you make the right choice for your mission needs. Learn More: https://aws.amazon.com/government-education/
The document discusses the promises and realities of cloud computing. While the cloud promises cost savings, increased computing power, and automation, realities include security concerns, reliability issues, integration challenges, and costs for early adopters. As cloud technology evolves, both expectations and experiences of users are changing. The cloud remains a work in progress, with opportunities and risks that companies must navigate as adoption increases.
Cloud Computing at a Glance, the Vision of Cloud Computing, Defining a Cloud, A Closer Look, Cloud Computing Reference Model, Characteristics and Benefits, Challenges Ahead, Historical Developments. Virtualization: Introduction, Characteristics of Virtualized Environment, Taxonomy of Virtualization Techniques, Virtualization and Cloud computing, Pros and Cons of Virtualization, Technology Examples- VMware and Microsoft Hyper-V.
Similar to F E B R U A R Y 8 , 2 0 1 1Vivek Kundra U.S. Chief Inf.docx (20)
CSIA 413 Cybersecurity Policy, Plans, and Programs.docxmydrynan
CSIA 413: Cybersecurity Policy, Plans, and Programs
June 2, 2019
Executive Summary
The Red Clay Renovations Employee Handbook is to give general rules about its strategies. The Employee Handbook will fill in as a guide for workers to get comfortable with Red Clay Renovations strategies for "Acceptable Use Policy for Information Technology", "Bring Your Own Device Policy " and "Digital Media Sanitization, Reuse, and Destruction Policy". Red Clay Renovations maintains whatever authority is needed to adjust the Employee Handbook to best suit the organization whenever with no earlier warning to its representatives.
Red Clay Renovations "Acceptable Use Policy for Information Technology" will characterize in subtleties what Acceptable Use is and what it's most certainly not. Every Employee will get his/her duty of the framework accounts, processing resources, organize utilization and will sign and consent to the approach before access is conceded to the system.
Red Clay Renovations "Bring Your Own Device Policy or BYOD" will name every one of the gadgets that are satisfactory as BYOD and the administration of the use of such gadgets. Every worker's gadgets must satisfy the arrangement guideline before actualizing the gadgets into Red Clay Renovation Company.
Red Clay Renovations "Digital Media Sanitization, Reuse, and Destruction Policy" will ensure that any worker of Red Clay Renovation who marked for the BYOD approach has/should sign this arrangement also. Workers need to comprehend the techniques the organization will use to clean off the BYOD.
Acceptable Use Policy
Introduction
This Acceptable Use Policy is for all Red Clay Renovation workers and supplants every single past version. All workers are liable to the terms and states of the Policy. The approach will build up satisfactory and inadmissible utilization of defending the security of information, secure and ensure PC and PCs, the use of system condition and servers, the utilization of electronic correspondences. Additionally Red Clay Renovation gathers, keeps up, and stores individual data to incorporate Mastercard’s, credit checks, building plans and illustrations, customers restorative and wellbeing information.
Red Clay Renovation must be in consistence with the accompanying: HIPPA Privacy and Security Rule, Freedom of Information Act (FOIA), PCI DSS, Privacy Act of 1977, Building Codes and Regulations. It is to the greatest advantage of the organization for all workers to comprehend the Acceptable Use Policy to settle on trustworthy choices before participating in inadmissible utilization of the approach. Any offense with the Acceptable Use Policy could conceivably cause Red Clay Renovation considerable loss of its business and its notorieties. On the off chance that any worker needs more data with this arrangement, they can reach out to the IT department directly.
Policy Content
Utilization of IT Systems
Red Clay Renovation possesses the property rights to all informati.
CSIS 100CSIS 100 - Discussion Board Topic #1One of the object.docxmydrynan
CSIS 100
CSIS 100 - Discussion Board Topic #1:
One of the objectives of this course is to enable students to differentiate between the disciplines of Information Systems, Information Technology, and Computer Science. Oftentimes, these areas overlap and are difficult to distinguish – even among professionals within the industries.
There are some distinctions that become evident, but all too frequently, people do not understand these distinctions until they are already deep within their programs of study. Consequently, many decide that it is too late to pursue a different avenue in the computing world without losing valuable time and money spent on courses that may or may not apply to a different major.
Given the importance of achieving effective planning from the beginning, your first assignment in this course is to delve into the broad areas of Information Systems, Information Technology, and Computer Science and write about your career choice in a discussion board post. This should be your thought process:
· First, define each field (i.e. IS, IT, CS). Understand the similarities and differences.
· Second, determine what jobs are available in each area.
· Third, look at the degree completion plans for each of these programs.
· Fourth, assess your own skills (e.g. Are you good in math? Do you like business? Do you like algorithms? Are you gifted at problem-solving? Do you like learning about new technology? Do you enjoy working hands-on with equipment/hardware/wires?)
· Fifth, (and most importantly) ask God what He wants you to pursue based on your talents, interests, and abilities.
· Sixth, based on your analysis above, what career do you hope to obtain after graduation, and what degree will you pursue to achieve this goal?
To facilitate your research, there are four videos in your Reading & Study folder that will help you understand the differences between the computing fields and become familiar with the job opportunities in each area. Be sure to view these videos first.
The LU Registrar’s home page has information on degree completion plans. Here is a link to all of the currently available ones in the university:
http://www.liberty.edu/academics/registrar/index.cfm?PID=2981
Be sure to look at all of the ones listed for Information Systems and Information Technology. At the time of this writing, Computer Science is only listed under residential degree plans. That does not mean that you should rule out Computer Science as a potential major. You must consider all options and listen to God’s calling upon your life. With God, all things are possible.
Discussion Board Deliverables
Main Post:
In a minimum of 300 words, create a thread in Module 1’s discussion board forum that describes the following:
1. Your desired career upon graduation
2. Why you chose this career
3. Your intended major
4. Your strengths, weaknesses, and interests
5. How the major supports your chosen career
6. How God has led you to reach your decision
7. A Bib.
CSI Paper Grading Rubric- (worth a possible 100 points) .docxmydrynan
CSI Paper Grading Rubric- (worth a possible 100 points)
1. INTRODUCTION (10%): Identifies/summarizes the paper’s topic and states an informed
judgment about the topic.
1 2.5 5 7.5 10
DEVELOPING……………………………………................................................................DEVELOPED
Lacks an introduction that takes an overview and that states the
objectives of the paper. A brief statement of the crime and the
criminological theories that can help explain it is absent,
unfocused or very weak.
Begins with a strong introduction that lays out the crime and
its context, as well as theories that can help understand the
circumstances surrounding the crime. Also provides the
sequence of what follows clearly and concisely.
2. RESOURCES (10%): Evidence from scholarly sources and textual sources (minimum of 5 total
sources).
1 2.5 5 7.5 10
DEVELOPING……………………………………………………………………………….DEVELOPED
Lists evidence but doesn’t explain how it does or doesn’t support a
point. Lacks organization or transitions. Does not completely or
correctly identify sources of information through in-text citations
and a works cited reference page.
Provides appropriate and sufficient evidence, smoothly
synthesizes evidence from sources and clearly ties it to the
point being made. Logically organizes ideas. Uses
transitions to connect one idea to the next. Correctly
identifies all sources of information through in-text
citations and a works cited reference page.
3. BODY (50%): Formulates a coherent, logical, and thoughtful sociological analysis of the crime
being investiaged. Addressed all parts of the paper assignment.
10 20 30 40 50
DEVELOPING…………………….………………………………………………………...DEVELOPED
Shows little understanding of sociological concepts and theories
used to explain the crime being investigated. No discussion at all
of any complexities or nuances related to the topic. No integration
of source information.
Identifies the circumstances of the crime with necessary
detail to perform a rigorous sociological analysis of the
crime. Shows strong understanding of the sociological
concepts and theories discussed in the paper (for example,
other perspectives and confounding factors), and discusses
how the source information is relevant.
4. CONCLUSION (10%): Identifies and assesses conclusions and implications of the sociological
analysis of your crime of the semester; sums up the importance/sociological relevance of your paper.
1 2.5 5 7.5 10
DEVELOPING……………………………………………………………………………...DEVELOPED
Only restates verbatim what has already been said. Conclusion is
not related to the support in the paper or new information is
presented. Feels abrupt, unconnected, or changes the focus. Is not
persuasive.
Goes beyond summarizing your main points. Reader feels a
sense of closure in the paper and is persuaded by the
examination of your crime and use of sociological theories
to explain it. No new informati.
CSIA 413 Cybersecurity Policy, Plans, and ProgramsProject #4 IT .docxmydrynan
CSIA 413: Cybersecurity Policy, Plans, and ProgramsProject #4: IT Audit Policy and Plans Company Background & Operating Environment
Red Clay Renovations is an internationally recognized, awarding winning firm that specializes in the renovation and rehabilitation of residential buildings and dwellings. The company specializes in updating homes using “smart home” and “Internet of Things” technologies while maintaining period correct architectural characteristics. Please refer to the company profile (file posted in Week 1 > Content > CSIA 413 Red Clay Renovations Company Profile.docx) for additional background information and information about the company’s operating environment.Policy Issue & Plan of Action
The corporate board was recently briefed by the Chief Information Officer concerning the company’s IT Security Program and how this program contributes to the company’s risk management strategy. During the briefing, the CIO presented assessment reports and audit findings from IT security audits. These audits focused upon the technical infrastructure and the effectiveness and efficiency of the company’s implementation of security controls. During the discussion period, members of the corporate board asked about audits of policy compliance and assessments as to the degree that employees were (a) aware of IT security policies and (b) complying with these policies. The Chief Information Officer was tasked with providing the following items to the board before its next quarterly meeting:
(a) Issue Specific Policy requiring an annual compliance audit for IT security policies as documented in the company’s Policy System
(b) Audit Plan for assessing employee awareness of and compliance with IT security policies
a. Are employees aware of the IT security policies in the Employee Handbook?
b. Do employees know their responsibilities under those policies?
(c) Audit Plan for assessing the IT security policy system
a. Do required policies exist?
b. Have they been updated within the past year?
c. Are the policies being reviewed and approved by the appropriate oversight authorities (managers, IT governance board, etc.)?
Your Task Assignment
As a staff member supporting the CISO, you have been asked to research this issue (auditing IT security policy compliance) and then prepare an “approval draft” for a compliance policy. You must also research and draft two separate audit plans (a) employee compliance and (b) policy system audit. The audit policy should not exceed two typed pages in length so you will need to be concise in your writing and only include the most important elements for the policy. Make sure that you include a requirement for an assessment report to be provided to company management and the corporate board of directors.
· For the employee compliance assessment, you must use an interview strategy which includes 10 or more multiple choice questions that can be used to construct a web-based survey of all employees. The questions should be split.
CSI 170 Week 3 Assingment
Assignment 1: Cyber Computer Crime
Assignment 1: Cyber Computer Crime
Create a 15-slide presentation in which you:
1. Describe the responsibilities of the National Security Administration (NSA).
2. Identify the four critical needs at the state or local level of law enforcement in order to fight computer crime more effectively.
3. Explain how the U.S. Postal Service assists in the investigation and prosecution of cases involving child pornography.
4. Discuss how and why the Department of Homeland Security (DHS) consolidated so many federal offices.
5. Go to https://research.strayer.edu to locate at least three (3) quality references for this assignment. One of these must have been published within the last year.
4/15/2019 Auden, Musée des Beaux Arts
english.emory.edu/classes/paintings&poems/auden.html 1/1
Musee des Beaux Arts
W. H. Auden
About suffering they were never wrong,
The old Masters: how well they understood
Its human position: how it takes place
While someone else is eating or opening a window or just walking
dully along;
How, when the aged are reverently, passionately waiting
For the miraculous birth, there always must be
Children who did not specially want it to happen, skating
On a pond at the edge of the wood:
They never forgot
That even the dreadful martyrdom must run its course
Anyhow in a corner, some untidy spot
Where the dogs go on with their doggy life and the torturer's horse
Scratches its innocent behind on a tree.
In Breughel's Icarus, for instance: how everything turns away
Quite leisurely from the disaster; the ploughman may
Have heard the splash, the forsaken cry,
But for him it was not an important failure; the sun shone
As it had to on the white legs disappearing into the green
Water, and the expensive delicate ship that must have seen
Something amazing, a boy falling out of the sky,
Had somewhere to get to and sailed calmly on.
Pieter Brueghel, The Fall of Icarus
Oil-tempera, 29 inches x 44 inches.
Museum of Fine Arts, Brussels.
See also:
William Carlos Williams' "Landscape with the Fall of Icarus "
Return to the Poem Index
javascript:openwin('Icarus.jpg',530,330)
http://english.emory.edu/classes/paintings&poems/Williams.html
http://english.emory.edu/classes/paintings&poems/titlepage.html
1. Biographical information on Ibsen—Concluding sentence: Sub-thesis, his play and Nora.
2. Nora’s treatment by her father and Nora’s treatment by her husband Torvald.
3. Nora’s treatment by Krogstad.
4. Nora’s contrast with Christine
INTRO: Females in Conflict
Yet another voice to champion the cause of inequality of the sexes is Henrik Ibsen.
Writing at the end of the nineteenth century in Victorian Norway, his play A Doll House utilizes
the format of a playwright to convey through the use of evolving characters different political and
social messages. When analyzing A Doll House’s protagonist, Nora, her interactions with the
other characters.
CSE422 Section 002 – Computer Networking Fall 2018 Ho.docxmydrynan
CSE422 Section 002 – Computer Networking
Fall 2018
Homework 2 – 50 points
Sockets (10 points)
1. For a client-server application over TCP, why must the server program be executed before the
client program?
2. For a client-server application over UDP, why may the client program be executed before the
server program?
3. The UDP server shown in the course slides needed only one socket, whereas the TCP server
needed two sockets. Why?
4. If the TCP server were to support N simultaneous connections, each from a different client host,
how may sockets would the TCP server need?
5. You are creating an event logging service that will be handling event messages from multiple
remote clients. This service can suffer delays in message delivery and even the loss of some
event messages. Would you implement this using TCP or UDP? Why?
The HTTP GET message (10 Points)
Consider the figure below, where a client is sending an HTTP GET message to a web server,
gaia.cs.umass.edu.
Suppose the client-to-server HTTP GET message is the following:
GET /kurose_ross/interactive/quotation1.htm HTTP/1.1
Host: gaia.cs.umass.edu
Accept: text/plain, text/html, image/gif, image/jpeg, audio/basic,
audio/vnf.wave, video/mp4, video/wmv, application/*, */*
Accept-Language: en-us, en-gb;q=0.5, en;q=0.1, fr, fr-ch, zh, cs
If-Modified-Since: Wed, 10 Jan 2018 13:13:03 -0800
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.11 (KHTML,
like Gecko) Chrome/17.0.963.56 Safari/535.11
Answer the following questions:
1. What is the name of the file that is being retrieved in this GET message?
2. What version of HTTP is the client running?
CSE422 Section 002 – Computer Networking
Fall 2018
3. What formats of text, images, audio, and video does the client browser prefer to receive?
[Note: for this and the following questions on browser media and language preferences, you
will need to do a bit of additional reading on the Web. Here is a good place to start.]
4. What do the strings "application/*" and "*/*" signify in the Accept: header?
5. What languages is the browser indicating that it is willing to accept? [Note: you can look at
your own browser preferences to get a listing of language codes.]
6. What is the meaning of the "relative quality factor," q, associated with the various version of
English? [Note: Here is a good place to start. See also [RFC 2616].]
7. What is the client's preferred version of English? What is the browser's least preferred
version of English?
8. Does the browser sending the HTTP message prefer Swiss French over traditional French?
Explain.
9. Does the client already have a (possibly out-of-date) copy of the requested file? Explain. If
so, approximately how long ago did the client receive the file, assuming the GET request has
just been issued?
10. What is the type of client browser and the client's operating system? [Note: To answer this,
you'll need to understan.
CSCI 132 Practical Unix and Programming .docxmydrynan
CSCI
132:
Practical
Unix
and
Programming
Adjunct:
Trami
Dang
Assignment
4
Fall
2018
Assignment 41
This set of exercises will strengthen your ability to write relatively simple shell scripts
using various filters. As always, your goals should be clarity, efficiency, and simplicity. It
has two parts.
1. The background context that was provided in the previous assignment is repeated here
for your convenience. A DNA string is a sequence of the letters a, c, g, and t in any
order, whose length is a multiple of three2. For example, aacgtttgtaaccagaactgt
is a DNA string of length 21. Each sequence of three consecutive letters is called a codon.
For example, in the preceding string, the codons are aac, gtt, tgt, aac, cag, aac,
and tgt.
Your task is to write a script named codonhistogram that expects a file name on the
command line. This file is supposed to be a dna textfile, which means that it contains
only a DNA string with no newline characters or white space characters of any kind; it is
a sequence of the letters a, c, g, and t of length 3n for some n. The script must count the
number of occurrences of every codon in the file, assuming the first codon starts at
position 13, and it must output the number of times each codon occurs in the file, sorted
in order of decreasing frequency. For example, if dnafile is a file containing the dna
string aacgtttgtaaccagaactgt, then the command
codonhistogram dnafile
should produce the following output:
3 aac
2 tgt
1 cag
1 gtt
because there are 3 aac codons, 2 tgt, 1 cag, and 1 gtt. Notice that frequency comes
first, then the codon name.
1
This is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International
License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-sa/4.0/.
2
This is really just a simplification to make the assignment easier. In reality, it is not necessarily a
multiple of 3.
3
Tho.
CSCI 714 Software Project Planning and EstimationLec.docxmydrynan
This document provides an overview of work breakdown structures (WBS) and their role in project planning and management. It discusses approaches to developing WBS, basic principles for creating effective WBS, and the purpose of WBS for cost estimating, budgeting, resource planning, and other project functions. Specific topics covered include defining the scope of work, developing a hierarchy of deliverables and tasks, and using a WBS to improve scheduling, tracking, and managing changes to a project.
CSCI 561Research Paper Topic Proposal and Outline Instructions.docxmydrynan
CSCI 561
Research Paper: Topic Proposal and Outline Instructions
The easiest approach for selecting a topic for your paper might be to review the various subject areas covered in the course readings (i.e., search the bibliographies of the textbooks). Although the chosen topic must relate directly to the general subject area of this course, you are not limited to the concepts, techniques, and technologies specifically covered in this course.
Each Topic Outline must include the following 3 items:
1. A brief (at least 3–4 bullets with 1–2 sentences per bullet) overview of the research topics of your paper – you will need to address these in the actual paper. This will be titled “Research Objectives”.
2. A list of at least 3 questions (in a numbered list) you intend your research to ask and hopefully answer. These must be questions that will require you to draw conclusions from your research. These must not be questions to answer your research objectives. This section will be titled “Questions”
3. At least 3 initial research sources, 1 of which is an academic journal or other peer reviewed source. These should match APA formatting of sources.
Example formats for Topic Outlines (an example, not a template):
Research Objectives
· Briefly describe the overall concept of system integration.
· Discuss the traditional approach of big-bang integration including the major advantages and disadvantages of this approach.
· Discuss the traditional approaches of top-down and bottom-up integration and their major advantages and disadvantages.
· Discuss the traditional approach of mixed integration, combining the desirable advantages from the top-down and bottom-up integration approaches.
Questions
1. Why is system integration an important step in the software development process?
2. Why has big-bang integration not survived as a useful testing method?
3. Why have top-down and bottom-up integration not been replaced by more modern methods?
4. Why would you use mixed integration all the time rather than sometimes using top-down and bottom-up integration exclusively?
References
1. Herath, T. , & Rao, H. (2012). Encouraging information security behaviors in the best organizations: Role of penalties, pressures, and potential effectiveness. Descision Support Systems, 47(2), 154-165.
2. Testing Computer Software, 2nd Edition, by Cem Kaner
3. Anderson, R. (2008). Security Engineering: A Guide to Building Dependable Distributed Systems (2nd ed.). Cambridge, MA: Wiley.
During your research, if any substantial changes to your objective(s) are necessary, or a topic change is required, communicate with your instructor via email.
The Policy Research Paper: Topic Proposal and Outline is due by 11:59 p.m. (ET) on Sunday of Module/Week 2.
The Technology Research Paper: Topic Proposal and Outline is due by 11:59 p.m. (ET) on Sunday of Module/Week 5.
Quantitative Reasoning 2 Project
Shawn Cyr
MTH/216
01/16/2019
Mr. Kim
Running head: QUANTITATIVE REASONING 2 PROJEC.
CSCI 561 DB Standardized Rubric50 PointsCriteriaLevels of .docxmydrynan
This document outlines a rubric for grading student discussion posts and replies in an online course. It evaluates students on content, structure, and integration of biblical worldview. For the original post, students can earn up to 19 points for content and 5 points for structure. For each of two required replies, students can earn up to 8 points for content and 5 points for structure. Higher scores are given for more thorough engagement with course materials, critical analysis, and APA formatting.
CSCE 1040 Homework 2 For this assignment we are going to .docxmydrynan
CSCE 1040 Homework 2
For this assignment we are going to design a system to schedule drivers and
passengers for rides in the Mean Green EagleLift system
For this we will need the following entities, plus collections for each of the
entities: Driver, Passenger and Ride.
The data for a Driver will contain at least the following:
Driver Id (6 digits)
Driver Name (20 characters each for first and last name)
Vehicle Capacity ( integer value for number of passengers)
Handicapped Capable (Boolean)
Vehicle Type (compact 2 dr, sedan 4dr, SUV, Van, other)
Driver Rating (floating point value 0-5)
Available (Boolean)
Pets allowed (Boolean)
Notes (String – could include days and hours of operation, coverage area, etc)
You may add other data needed for your implementation as well as
you will need accessor and mutator functions for the data.
The data for a Passenger will contain at least:
Name (e.g. Fred Smith)
ID number (6 digits e.g. 123456)
Payment preference (cash, credit, debit)
Handicapped (Boolean)
Default rating required (floating point)
Has pets (Boolean)
You may add other data needed for your implementation as well as
you will need accessor and mutator functions for the data.
The data for a Ride (The transaction entity) will contain at least
the following:
Ride ID (8 digit value auto assigned)
Pickup location (string)
Pickup Time (Time value)
Drop-off location (string)
Size of party (whole number)
Includes pets (Boolean)
Drop-off time (Time value – entered at completion)
Status (Active, Completed, Cancelled)
Rating by customer (floating point value)
You may add other data needed for your implementation as well as
you will need accessor and mutator functions for the data.
For the collections of each of the 3 Entity Classes identified above you
will need to include the ability to:
Add
Edit
Delete
Search/Find based on appropriate criteria
Print a list of all entries in the specific collection
Print the details for a single entity (do a find first)
Print a list of all Rides for a particular Passenger
Print a list of all Rides for a Particular Driver
Print a list of all Active (future and current) Rides, all completed rides and all
cancelled rides
for the Rides collection when you add a Ride you will need to verify that
a. the Driver selected is available during the defined time period
b. the Driver selected has number of seats sufficient for the passengers
c. The Driver has the appropriate pet policy
d. The Driver has required Handicapped capability
e. the driver has at least the minimum rating preferred by the Passenger
Note that a particular Driver could have multiple assignments
as long as they do not conflict with dates or times. For this assignment
you do not need to worry about verifying availability based on starting and
ending locations.
You will also need to provide in the Rides collection the ability to
print an assignment schedule for a particular .
CSCE 509 – Spring 2019
Assignment 3 // updated 01May19
DUE: May 11, 2019 at 5 p.m.
• Two data sets available on Moodle
o {concaveData.npy, concaveTarget.npy}
o {testData.npy, testTarget.npy}
• Write TensorFlow code to perform DNN classification with three (3) classes
• Use concave*.npy for training
• Use test*.npy for test
• Data is the data matrix; Target is the labeled targets from {0, 1, 2}
• Do each of the following steps. For each step: Note the accuracy of the classification using
the test data set. Discuss the results.
1. Write TensorFlow code to perform DNN classification using default settings. Define your
own architecture with two hidden layers. Calculate the number of parameters in your
network. Do not let the number of parameters exceed the number of input samples in
concave*.npy
2. Use one or two additional layers compared to (1) but be sure that the number of
parameters do not exceed the number of input samples. Which has better accuracy
performance? Or are they about the same?
3. Write Python code to read in the data sets. Add a large constant (such as “509” or “5090”)
to each input feature. Write the data sets as files, to be read in as input sets. Repeat the
classification using the new input files with the architecture that has better performance
in (1) or (2). What is the accuracy performance for the same number of epochs? If the
accuracy performance is about the same, does it converge faster or slower or about the
same?
4. Use the given data sets as used in (1) and (2). Use either of the two architectures. Change
the tf.layers.dense() function initlialization to He initialization by using the
variance_scaling_initializer() function:
he_init = tf.contrib.layers.variance_scaling_initializer(factor=2.0)
hidden1 = tf.layers.dense(X, n_hidden1, activation=tf.nn.relu,
kernel_initializer=he_init, name=”hidden1”)
# do the same for other hidden layers
What is the accuracy performance? Compare to either (1) or (2).
5. Take the architecture from either (1) or (2). Replace the relu activation function by the
exponential linear unit (ELU). In the tf.layers.dense function, use
activation=tf.nn.elu
What is the accuracy performance? Compare to either (1) or (2) and to (4).
6. Perform batch normalization on either (1) or (2) as follows. We want to zero-center and
normalize the inputs to the activation function of each layer by learning the mean and
scales of the inputs for each layer. Modify the Python code as follows:
X = tf.placeholder(tf.float32, shape=(None, n_inputs), name=”X”)
training = tf.placeholder_with_default(False, shape=(), name=”training”)
Then in defining the hidden layers:
hidden1 = tf.layers.dense(X, n_hidden1, name=”hidden1”)
batchnorm1 = tf.layers.batch_normalization(hidden1, training=training,
momentum=0.9)
bn1_act = tf.nn.elu(batchnorm1)
hidden2 = tf.layers.dense(bn1_act, n_hidden2, name=”hidden2”)
batchnorm2 = tf.layers.batch_normalization.
CSCI 2033 Elementary Computational Linear Algebra(Spring 20.docxmydrynan
CSCI 2033: Elementary Computational Linear Algebra
(Spring 2020)
Assignment 1 (100 points)
Due date: February 21st, 2019 11:59pm
In this assignment, you will implement Matlab functions to perform row
operations, compute the RREF of a matrix, and use it to solve a real-world
problem that involves linear algebra, namely GPS localization.
For each function that you are asked to implement, you will need to complete
the corresponding .m file with the same name that is already provided to you in
the zip file. In the end, you will zip up all your complete .m files and upload the
zip file to the assignment submission page on Gradescope.
In this and future assignments, you may not use any of Matlab’s built-in
linear algebra functionality like rref, inv, or the linear solve function A\b,
except where explicitly permitted. However, you may use the high-level array
manipulation syntax like A(i,:) and [A,B]. See “Accessing Multiple Elements”
and “Concatenating Matrices” in the Matlab documentation for more informa-
tion. However, you are allowed to call a function you have implemented in this
assignment to use in the implementation of other functions for this assignment.
Note on plagiarism A submission with any indication of plagiarism will be
directly reported to University. Copying others’ solutions or letting another
person copy your solutions will be penalized equally. Protect your code!
1 Submission Guidelines
You will submit a zip file that contains the following .m files to Gradescope.
Your filename must be in this format: Firstname Lastname ID hw1 sol.zip
(please replace the name and ID accordingly). Failing to do so may result in
points lost.
• interchange.m
• scaling.m
• replacement.m
• my_rref.m
• gps2d.m
• gps3d.m
• solve.m
1
Ricardo
Ricardo
Ricardo
Ricardo
�
The code should be stand-alone. No credit will be given if the function does not
comply with the expected input and output.
Late submission policy: 25% o↵ up to 24 hours late; 50% o↵ up to 48 hours late;
No point for more than 48 hours late.
2 Elementary row operations (30 points)
As this may be your first experience with serious programming in Matlab,
we will ease into it by first writing some simple functions that perform the
elementary row operations on a matrix: interchange, scaling, and replacement.
In this exercise, complete the following files:
function B = interchange(A, i, j)
Input: a rectangular matrix A and two integers i and j.
Output: the matrix resulting from swapping rows i and j, i.e. performing the
row operation Ri $ Rj .
function B = scaling(A, i, s)
Input: a rectangular matrix A, an integer i, and a scalar s.
Output: the matrix resulting from multiplying all entries in row i by s, i.e. per-
forming the row operation Ri sRi.
function B = replacement(A, i, j, s)
Input: a rectangular matrix A, two integers i and j, and a scalar s.
Output: the matrix resulting from adding s times row j to row i, i.e. performing
the row operatio.
CSCE 3110 Data Structures & Algorithms Summer 2019 1 of .docxmydrynan
CSCE 3110 Data Structures & Algorithms Summer 2019
1 of 12
Project 3 – Hopscotch Hash Table
Due: 11:59 PM on Friday, June 21, 2019
PROGRAM DESCRIPTION
In this C++ program, you will implement an efficient hopscotch hash table that improves
on the classic linear probing algorithm. Specifically, you will use a TABLE_SIZE = 17
and use the single hash function ℎ(𝑥) = 𝑥 mod 𝑇𝐴𝐵𝐿𝐸_𝑆𝐼𝑍𝐸. You shall resolve
collisions using linear probing where the maximal length of the probe sequence (i.e.,
distance away from the original hash location) is bound by the hopscotch hash
algorithm where MAX_DIST = 4.
You shall support the following five operations that are menu driven:
1. Insert Value
2. Delete Value
3. Search Value
4. Output Table
5. Exit Program
All data shall be entered through the console and consist of integers. You may assume
valid data, though data may be out of range (i.e., zero, negative integers or possibly out
of range of menu options). Your algorithm to find the next available slot is bound by the
end of the table so that the linear probe sequence need not be circular. In other words,
you do not need to wrap around beyond the last element of the array to the first for
either the linear probe or the bound for the hopscotch algorithm. For example, if the
user attempts to insert 33 which hashes to index position 16 (i.e., 33 % TABLE_SIZE) in
the array, but an element already exists at that location, the insert will fail as there are
no more array locations beyond this to attempt to insert the element.
You must keep an item array containing the elements as well as an associated hop
array that indicates positions in the item array that are occupied with items that hash to
the same value. You should also provide specific feedback to the user on successful
operations or when an operation failed. The search should utilize the hash value and
then perhaps a linear probe of MAX_DIST – 1 index locations, but you should not
simply search the entire array to accomplish this operation. Be sure to handle the case
that requires multiple hops (i.e., using recursion) to get the value within the correct
range.
REQUIREMENTS
• Your code should be well documented in terms of comments. For example, good
comments in general consist of a header (with your name, course section, date,
and brief description), comments for each variable, and commented blocks of
code.
• Your program will be graded based largely on whether it works correctly on the
CSE machines (e.g., cse01, cse02, …, cse06), so you should make sure that
your program compiles and runs on a CSE machine.
aemalki
aemalki
aemalki
aemalki
aemalki
aemalki
aemalki
aemalki
CSCE 3110 Data Structures & Algorithms Summer 2019
2 of 12
• You should contact your instructor if there is any question about what is being
asked for.
• This is an individual programming assignment that must be the sole work of the
individual student. Any in
CSCI 340 Final Group ProjectNatalie Warden, Arturo Gonzalez, R.docxmydrynan
CSCI 340 Final Group Project
Natalie Warden, Arturo Gonzalez, Ricky Gaji
Introduction
As our world continues to rely on technology to store our information, issues concerning data storage and organization will arise
Association of Computing Machinery (ACM) has asked us to prepare a database through which they can easily and effectively access this information
In this project we have created a tier system of entities, established the relationships between them, and decreased redundancy by eliminating repeating attributes
Responsibility MatrixTask/PersonNatalieArturoRickyAnalysisMSER-DiagramSMRedundancySSSSQLMSLogical DesignMAnalysis DocMRelationships DocMReadMe DocSMDatabaseMSS
Software Used:
Analysis:
Google Docs - helped to bring the group together and organize all our information to make sure we were on the same page.
Google Slides- served as the main platform in which to come up with our presentation and visualize what we are going to do.
Draw.io- used to build our many ER diagrams
Database Design:
x10 web hosting- hosted our website and had the tools necessary to get started on the database
phpMyAdmin- here we created our database tables and made sure all the attribute’s data types and entity’s primary key, foreign keys, and attributes were correct.
mySQL Databases- used as relational database management system
generatedata.com-used to create “dummy” data to incorporate in the SQL testing
Analysis and Findings
Problems/Results
Final Decision
Decided to create entities for leadership
Took inspiration from University database setup
ER-Diagram
Tables
Tables
Building the ACM Database
Populated Tables
SQL/RESULTS
3
Name
Course
Date
Instructor
Benchmark - Gospel Essentials
In at least 150 words, complete your introductory paragraph with a thesis statement in which you will address each of the following six sections with at least one paragraph each.
God
In at least 150 words, respond thoroughly to the questions in the assignment. Be sure to include citations.
Humanity
In at least 150 words, respond thoroughly to the questions in the assignment. Be sure to include citations.
Jesus
In at least 150 words, respond thoroughly to the questions in the assignment. Be sure to include citations.
Restoration
In at least 150 words, respond thoroughly to the questions in the assignment. Be sure to include citations.
Analysis
In at least 150 words, respond thoroughly to the questions in the assignment. Be sure to include citations.
Reflection
In at least 150 words, respond thoroughly to the questions in the assignment. Be sure to include citations.
Conclusion
In at least 150 words, synthesize the main points, pulling the ideas of the paper together. Be sure to include citations.
References
Author, A. A., .
CSC-321 Final Writing Assignment In this assignment, you .docxmydrynan
CSC-321 Final Writing Assignment
In this assignment, you will write an article about a recent cybersecurity attack (of your choosing). The
article will include the following components:
1) Executive summary: a 1-page executive summary highlighting the potential impact and likelihood
of a similar attack against a fictional company XYZ. XYZ should be a company in a similar field
to the company attacked by the vulnerability.
a. Audience: A C-level business executive. Do not assume they will have any technical
knowledge but assume they are very interested in the economic impact of things.
b. Purpose: Provide a summary that they will use to make business decisions from. You
need to be convincing that the cost of security makes business sense.
2) Technical report: a 3-page technical report including the following topics: Introduction,
Vulnerability(s) exploited, financial impact (if applicable), social impact (if applicable),
technological impact (if applicable), political impact (if applicable), patches available/needed to
prevent these vulnerabilities (if applicable), human training needed (if applicable), comparison to
similar vulnerabilities in the past 20 years, assessment of how common the vulnerability is, and
recommendations for company XYZ to protect itself from similar vulnerabilities.
a. Audience: A Technical manager and his engineering staff. Assume a good knowledge of
computer science, engineering, and math but no specific security knowledge.
b. Purpose: Provides information to engineers at XYZ about the attack and how to prevent a
similar one against XYZ.
3) Press release: a 2-page article for popular consumption (think wired). This should explain the
vulnerability, protection, and potential impact to general audiences (users and share-holders).
a. Format: 2-page wired article. Be informative, objective, and entertaining
b. Audience: General public who are interested in technology but may have never taken a
computer science course and, almost certainly, have never taken a computer security
course.
c. Purpose: To express your understanding to a broad audience.
Choosing your topic
Your article must be about a recent computer security exploit with real world impacts. You must get your
topic approved in lab or by email before April 22nd.
Format: IEEE conference formatting with 12pt font. All page counts are precise. You should not go
over and should be no more than ¼ column under.
Press release (2 pages) Draft: Apr, 29 Due: May, 13
Lastly you are to write a two-page article for a national technical magazine, think Wired. This article is
intended for a general audience who is interested in technology but does not have formal technical
backgrounds. This article should explain the attack, its impact, how it is mitigated, and what (if
anything) the general audience should do. This article should be informative, objective, and entertaining.
Executive Summary (1 page) .
Cryptography is the application of algorithms to ensure the confiden.docxmydrynan
Cryptography is the application of algorithms to ensure the confidentiality, integrity, and availability of data, while it is at rest, in motion, or in use. Cryptography systems can include local encryptions at the file or disk level or databases. Cryptography systems can also extend to an enterprise-wide public key infrastructure for whole agencies or corporations.
The following are the deliverables for this project:
Deliverables
Enterprise Key Management Plan:
An eight- to 10-page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
Enterprise Key Management Policy:
A two- to three-page double-spaced Word document.
Lab Report:
A Word document sharing your lab experience along with screenshots.
There are seven steps to complete the project. Most steps of this project should take no more than two hours to complete. The entire project should take no more than one week to complete. Begin with the workplace scenario, and then continue to Step 1, “Identify Components of Key Management.”
When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission.
Step 1: Identify Components of Key Management
Key management will be an important aspect of the new electronic protected health information (e-PHI). Key management is often considered the most difficult part of designing a cryptosystem.
Choose a fictitious or an actual organization. The idea is to provide an overview of the current state of enterprise key management for Superior Health Care.
Review these authentication resources to learn about
authentication
and the characteristics of key management.
Provide a high-level, top-layer network view (diagram) of the systems in Superior Health Care. The diagram can be a bubble chart or Visio drawing of a simple network diagram with servers. Conduct independent research to identify a suitable network diagram.
Read these resources on
data at rest
, data in use, and
data in motion
.
Identify data at rest, data in use, and data in motion as it could apply to your organization. Start by focusing on where data are stored and how data are accessed.
Review these resources on insecure handling, and identify areas where
insecure handling
may be a concern for your organization.
Incorporate this information in your key management plan.
In the next step, you will consider key management capabilities.
Step 3: Identify Key Management Gaps, Risks,
Solution
s, and Challenges
In the previous step, you identified the key components of an enterprise key management system. In this step, you will conduct independent research on key management issues in existing organizations. You will use this research to help identify gaps in key management, in each of the key management areas within Superior Health Care.
Conduct independent research to identify typical gaps in key manage.
CSc3320 Assignment 6 Due on 24th April, 2013 Socket programming .docxmydrynan
CSc3320 Assignment 6 Due on 24th April, 2013
Socket programming code (server.c & client.c) demoed in class implement a server-client communication by socket. The server sets up a socket and waits for communication request from a client. The client tries to connect to server and asks user for a message to send to server after the connection established. Server then accepts the communication, reads the message, displays it and send confirmation message to the client. The client reads confirmation from server and displays it too.
Please modify the server.c such that the server can carry out the same communication with
3
clients. It creates a child process (fork()) every time a communication request from one client arrives and continues to wait to serve the next client. This child process takes care of reading message/sending confirmation from/to the corresponding client and terminates with the exit code 0. After serving all 3 clients, the server needs to accept (wait()) termination of all child processes it created. Server prints out message about the child process ID and the exit code every time it accepts the termination of a child process (eg. “A child with PID 1959 terminated with exit code 0”).
Client.c
#include
#include
#include
#include
#include
#include
#include
#include
void error(const char *msg)
{
perror(msg);
exit(0);
}
int main(int argc, char *argv[])
{
int sockfd, portno, n;
struct sockaddr_in serv_addr;
struct hostent *server;
char buffer[256];
if (argc < 3) {
fprintf(stderr,"usage %s hostname port\n", argv[0]);
exit(0);
}
portno = atoi(argv[2]);
sockfd = socket(AF_INET, SOCK_STREAM, 0);
if (sockfd < 0)
error("ERROR opening socket");
server = gethostbyname(argv[1]);
if (server == NULL) {
fprintf(stderr,"ERROR, no such host\n");
exit(0);
}
bzero((char *) &serv_addr, sizeof(serv_addr));
serv_addr.sin_family = AF_INET;
bcopy((char *)server->h_addr,
(char *)&serv_addr.sin_addr.s_addr,
server->h_length);
serv_addr.sin_port = htons(portno);
//printf("h_addr: %s\n", inet_ntoa(serv_addr.sin_addr));
if (connect(sockfd,(struct sockaddr *) &serv_addr,sizeof(serv_addr)) < 0)
error("ERROR connecting");
printf("Please enter the message: ");
bzero(buffer,256);
fgets(buffer,255,stdin);
n = write(sockfd,buffer,strlen(buffer));
if (n < 0)
error("ERROR writing to socket");
bzero(buffer,256);
n = read(sockfd,buffer,255);
if (n < 0)
error("ERROR reading from socket");
printf("%s\n",buffer);
close(sockfd);
return 0;
}
Server.c
/* A simple server in the internet domain using TCP
The port number is passed as an argument */
#include
#include
#include
#include
#include
#include
#include
#include
void error(const char *msg)
{
perror(msg);
.
Executive Directors Chat Leveraging AI for Diversity, Equity, and InclusionTechSoup
Let’s explore the intersection of technology and equity in the final session of our DEI series. Discover how AI tools, like ChatGPT, can be used to support and enhance your nonprofit's DEI initiatives. Participants will gain insights into practical AI applications and get tips for leveraging technology to advance their DEI goals.
हिंदी वर्णमाला पीपीटी, hindi alphabet PPT presentation, hindi varnamala PPT, Hindi Varnamala pdf, हिंदी स्वर, हिंदी व्यंजन, sikhiye hindi varnmala, dr. mulla adam ali, hindi language and literature, hindi alphabet with drawing, hindi alphabet pdf, hindi varnamala for childrens, hindi language, hindi varnamala practice for kids, https://www.drmullaadamali.com
Strategies for Effective Upskilling is a presentation by Chinwendu Peace in a Your Skill Boost Masterclass organisation by the Excellence Foundation for South Sudan on 08th and 09th June 2024 from 1 PM to 3 PM on each day.
How to Manage Your Lost Opportunities in Odoo 17 CRMCeline George
Odoo 17 CRM allows us to track why we lose sales opportunities with "Lost Reasons." This helps analyze our sales process and identify areas for improvement. Here's how to configure lost reasons in Odoo 17 CRM
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...Dr. Vinod Kumar Kanvaria
Exploiting Artificial Intelligence for Empowering Researchers and Faculty,
International FDP on Fundamentals of Research in Social Sciences
at Integral University, Lucknow, 06.06.2024
By Dr. Vinod Kumar Kanvaria
This presentation was provided by Steph Pollock of The American Psychological Association’s Journals Program, and Damita Snow, of The American Society of Civil Engineers (ASCE), for the initial session of NISO's 2024 Training Series "DEIA in the Scholarly Landscape." Session One: 'Setting Expectations: a DEIA Primer,' was held June 6, 2024.
How to Add Chatter in the odoo 17 ERP ModuleCeline George
In Odoo, the chatter is like a chat tool that helps you work together on records. You can leave notes and track things, making it easier to talk with your team and partners. Inside chatter, all communication history, activity, and changes will be displayed.
বাংলাদেশের অর্থনৈতিক সমীক্ষা ২০২৪ [Bangladesh Economic Review 2024 Bangla.pdf] কম্পিউটার , ট্যাব ও স্মার্ট ফোন ভার্সন সহ সম্পূর্ণ বাংলা ই-বুক বা pdf বই " সুচিপত্র ...বুকমার্ক মেনু 🔖 ও হাইপার লিংক মেনু 📝👆 যুক্ত ..
আমাদের সবার জন্য খুব খুব গুরুত্বপূর্ণ একটি বই ..বিসিএস, ব্যাংক, ইউনিভার্সিটি ভর্তি ও যে কোন প্রতিযোগিতা মূলক পরীক্ষার জন্য এর খুব ইম্পরট্যান্ট একটি বিষয় ...তাছাড়া বাংলাদেশের সাম্প্রতিক যে কোন ডাটা বা তথ্য এই বইতে পাবেন ...
তাই একজন নাগরিক হিসাবে এই তথ্য গুলো আপনার জানা প্রয়োজন ...।
বিসিএস ও ব্যাংক এর লিখিত পরীক্ষা ...+এছাড়া মাধ্যমিক ও উচ্চমাধ্যমিকের স্টুডেন্টদের জন্য অনেক কাজে আসবে ...
This presentation includes basic of PCOS their pathology and treatment and also Ayurveda correlation of PCOS and Ayurvedic line of treatment mentioned in classics.
A review of the growth of the Israel Genealogy Research Association Database Collection for the last 12 months. Our collection is now passed the 3 million mark and still growing. See which archives have contributed the most. See the different types of records we have, and which years have had records added. You can also see what we have for the future.
A workshop hosted by the South African Journal of Science aimed at postgraduate students and early career researchers with little or no experience in writing and publishing journal articles.
Walmart Business+ and Spark Good for Nonprofits.pdfTechSoup
"Learn about all the ways Walmart supports nonprofit organizations.
You will hear from Liz Willett, the Head of Nonprofits, and hear about what Walmart is doing to help nonprofits, including Walmart Business and Spark Good. Walmart Business+ is a new offer for nonprofits that offers discounts and also streamlines nonprofits order and expense tracking, saving time and money.
The webinar may also give some examples on how nonprofits can best leverage Walmart Business+.
The event will cover the following::
Walmart Business + (https://business.walmart.com/plus) is a new shopping experience for nonprofits, schools, and local business customers that connects an exclusive online shopping experience to stores. Benefits include free delivery and shipping, a 'Spend Analytics” feature, special discounts, deals and tax-exempt shopping.
Special TechSoup offer for a free 180 days membership, and up to $150 in discounts on eligible orders.
Spark Good (walmart.com/sparkgood) is a charitable platform that enables nonprofits to receive donations directly from customers and associates.
Answers about how you can do more with Walmart!"
Film vocab for eal 3 students: Australia the movie
F E B R U A R Y 8 , 2 0 1 1Vivek Kundra U.S. Chief Inf.docx
1. F E B R U A R Y 8 , 2 0 1 1
Vivek Kundra
U.S. Chief Information Officer
F E D E R A L C L O U D
C O M P U T I N G S T R AT E G Y
i★ ★
TABLE OF CONTENTS
Executive Summary
1
I Unleashing the Power of Cloud
5
1 Defining cloud computing
5
2 Cloud is a fundamental shift in IT
6
3 Cloud computing can significantly improve public sector IT
6
II Decision Framework for Cloud Migration
2. 11
1 Selecting services to move to the cloud
11
2 Provisioning cloud services effectively
15
3 Managing services rather than assets
16
III Case Examples to Illustrate Framework
19
1 Tailoring solution to protect security and maximize value
19
2 Provisioning to ensure competitiveness and capture value
20
3 Re-defining IT from an asset to a service
22
IV Catalyzing Cloud Adoption
25
1 Leveraging cloud computing accelerators
25
2 Ensuring a secure, trustworthy environment
26
3 Streamlining procurement processes
28
4 Establishing cloud computing standards
3. 29
5 Recognizing the international dimensions of cloud computing
30
6 Laying a solid governance foundation
31
V Conclusion
33
Appendix 1: Potential Spending on Cloud Computing By
Agency 35
Appendix 2: Agency Resources for Cloud Computing
37
1★ ★
EXECUTIVE SUMMARY
The Federal Government’s current Information Technology (IT)
environment is characterized by low
asset utilization, a fragmented demand for resources,
duplicative systems, environments which are dif-
ficult to manage, and long procurement lead times These
inefficiencies negatively impact the Federal
Government’s ability to serve the American public
Cloud computing has the potential to play a major part in
addressing these inefficiencies and improving
government service delivery The cloud computing model can
significantly help agencies grappling with
4. the need to provide highly reliable, innovative services quickly
despite resource constraints
Commercial service providers are expanding their available
cloud offerings to include the entire tradi-
tional IT stack of hardware and software infrastructure,
middleware platforms, application system com-
ponents, software services, and turnkey applications The
private sector has taken advantage of these
technologies to improve resource utilization, increase service
responsiveness, and accrue meaningful
benefits in efficiency, agility, and innovation Similarly, for the
Federal Government, cloud computing
holds tremendous potential to deliver public value by increasing
operational efficiency and responding
faster to constituent needs
An estimated $20 billion of the Federal Government’s $80
billion in IT spending is a potential target for
migration to cloud computing solutions (Appendix 1) 1
Figure 1: Estimated portion of Federal IT spend able to move to
the cloud
1 Based on agency estimates as reported to the Office of
Management and Budget (OMB)
F E d E R A L C L O U d C O M p U T I N g S T R AT E g Y
2★ ★
To harness the benefits of cloud computing, we have instituted a
5. Cloud First policy This policy is intended
to accelerate the pace at which the government will realize the
value of cloud computing by requiring
agencies to evaluate safe, secure cloud computing options
before making any new investments
By leveraging shared infrastructure and economies of scale,
cloud computing presents a compelling
business model for Federal leadership Organizations will be
able to measure and pay for only the IT
resources they consume, increase or decrease their usage to
match requirements and budget con-
straints, and leverage the shared underlying capacity of IT
resources via a network Resources needed
to support mission critical capabilities can be provisioned more
rapidly and with minimal overhead and
routine provider interaction
Cloud computing can be implemented using a variety of
deployment models – private, community,
public, or a hybrid combination
Cloud computing offers the government an opportunity to be
more efficient, agile, and innovative
through more effective use of IT investments, and by applying
innovations developed in the private
sector If an agency wants to launch a new innovative program,
it can quickly do so by leveraging cloud
infrastructure without having to acquire significant hardware,
lowering both time and cost barriers to
deployment
This Federal Cloud Computing Strategy is designed to:
• Articulate the benefits, considerations, and trade-offs of
cloud computing
6. • Provide a decision framework and case examples to support
agencies in migrating towards
cloud computing
• Highlight cloud computing implementation resources
• Identify Federal Government activities and roles and
responsibilities for catalyzing cloud
adoption
Following the publication of this strategy, each agency will re-
evaluate its technology sourcing strategy
to include consideration and application of cloud computing
solutions as part of the budget process
Consistent with the Cloud First policy, agencies will modify
their IT portfolios to fully take advantage
of the benefits of cloud computing in order to maximize
capacity utilization, improve IT flexibility and
responsiveness, and minimize cost
E X E C U T I V E S U M M A R Y
3★ ★
Figure 2: Cloud benefits: Efficiency, Agility, Innovation
EFFICIENCY
Cloud Benefits Current Environment
• Improved asset utilization (server utilization >
60-70%)
• Aggregated demand and accelerated system con-
7. solidation (e g , Federal Data Center Consolidation
Initiative)
• Improved productivity in application develop-
ment, application management, network, and
end-user
• Low asset utilization (server utilization < 30%
typical)
• Fragmented demand and duplicative systems
• Difficult-to-manage systems
AGILITY
Cloud Benefits Current Environment
• Purchase “as-a-service” from trusted cloud
providers
• Near-instantaneous increases and reductions in
capacity
• More responsive to urgent agency needs
• Years required to build data centers for new
services
• Months required to increase capacity of existing
services
INNOVATION
Cloud Benefits Current Environment
• Shift focus from asset ownership to service
management
8. • Tap into private sector innovation
• Encourages entrepreneurial culture
• Better linked to emerging technologies (e g ,
devices)
• Burdened by asset management
• De-coupled from private sector innovation
engines
• Risk-adverse culture
5★ ★
I. UNLEASHINg THE
pOWER OF CLOUd
Cloud computing describes a broad movement to treat IT
services as a commodity with the ability to
dynamically increase or decrease capacity to match usage needs
By leveraging shared infrastructure
and economies of scale, cloud computing presents Federal
leadership with a compelling business
model It allows users to control the computing services they
access, while sharing the investment in
the underlying IT resources among consumers When the
computing resources are provided by another
organization over a wide-area network, cloud computing is
similar to an electric power utility The pro-
9. viders benefit from economies of scale, which in turn enables
them to lower individual usage costs and
centralize infrastructure costs Users pay for what they
consume, can increase or decrease their usage,
and leverage the shared underlying resources With a cloud
computing approach, a cloud customer can
spend less time managing complex IT resources and more time
investing in core mission work
1. Defining cloud computing
Cloud computing is defined by the National Institute of
Standards and Technology (NIST)2 as “a model for
enabling convenient, on-demand network access to a shared
pool of configurable computing resources
(e g , networks, servers, storage, applications, and services) that
can be rapidly provisioned and released
with minimal management effort or service provider interaction
”3 NIST has identified five essential
characteristics of cloud computing: on-demand service, broad
network access, resource pooling, rapid
elasticity, and measured service 4
Cloud computing is defined to have several deployment models,
each of which provides distinct
trade-offs for agencies which are migrating applications to a
cloud environment NIST defines the cloud
deployment models as follows:
• Private cloud. The cloud infrastructure is operated solely for
an organization It may be managed
by the organization or a third party and may exist on premise or
off premise
• Community cloud. The cloud infrastructure is shared by
several organizations and supports a
specific community that has shared concerns (e g , mission,
10. security requirements, policy, and
compliance considerations) It may be managed by the
organizations or a third party and may
exist on premise or off premise
• Public cloud. The cloud infrastructure is made available to
the general public or a large industry
group and is owned by an organization selling cloud services
• Hybrid cloud The cloud infrastructure is a composition of
two or more clouds (private, com-
munity, or public) that remain unique entities but are bound
together by standardized or
proprietary technology that enables data and application
portability (e g , cloud bursting for
load-balancing between clouds)
2 http://csrc nist gov/groups/SNS/cloud-computing/cloud-def-
v15 doc
3 http://csrc nist gov/groups/SNS/cloud-computing/cloud-def-
v15 doc
4 http://csrc nist gov/groups/SNS/cloud-computing/cloud-def-
v15 doc
http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-def-
v15.doc
http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-def-
v15.doc
http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-def-
v15.doc
F E d E R A L C L O U d C O M p U T I N g S T R AT E g Y
6★ ★
11. Cloud computing can also categorized into service models
These are defined by NIST to be:
• Cloud Software as a Service (SaaS). The capability provided
to the consumer is to use the pro-
vider’s applications running on a cloud infrastructure The
applications are accessible from
various client devices through a thin client interface such as a
web browser (e g , web-based
email) The consumer does not manage or control the underlying
cloud infrastructure including
network, servers, operating systems, storage, or even individual
application capabilities, with
the possible exception of limited user-specific application
configuration settings
• Cloud Platform as a Service (PaaS) The capability provided
to the consumer is the ability to
deploy onto the cloud infrastructure consumer-created or
acquired applications created using
programming languages and tools supported by the provider
The consumer does not manage
or control the underlying cloud infrastructure including
network, servers, operating systems,
or storage, but has control over the deployed applications and
possibly application hosting
environment configurations
• Cloud Infrastructure as a Service (IaaS). The capability
provided to the consumer is to provision
processing, storage, networks, and other fundamental computing
resources where the con-
sumer is able to deploy and run arbitrary software, which can
include operating systems and
applications The consumer does not manage or control the
underlying cloud infrastructure
12. but has control over operating systems, storage, deployed
applications, and possibly limited
control of select networking components (e g , host firewalls)
2. Cloud is a fundamental shift in IT
Cloud computing enables IT systems to be scalable and elastic
End users do not need to determine
their exact computing resource requirements upfront Instead,
they provision computing resources as
required, on-demand Using cloud computing services, a Federal
agency does not need to own data
center infrastructure to launch a capability that serves millions
of users
3. Cloud computing can significantly improve public sector IT
A number of government agencies are adopting cloud
technologies and are realizing considerable
benefits For instance, NASA Nebula,5 through a community
cloud, gives researchers access to IT services
relatively inexpensively in minutes Prior to adopting this
approach, it would take researchers months
to procure and configure comparable IT resources and
significant
5 http://nebula nasa gov/services/
http://nebula nasa gov/blog/
http://nebula.nasa.gov/services
http://nebula.nasa.gov/blog
I . U N L E A S H I N g T H E p O W E R O F C L O U d
7★ ★
management oversight to monitor and upgrade systems
13. Applying cloud technologies across the entire
Federal Government can yield tremendous benefits in
efficiency, agility, and innovation These benefits
are described below
Efficiency improvements will shift resources towards higher-
value activities
In FY2010, approximately thirty cents of every dollar invested
in Federal IT was spent on data center infra-
structure 6 Unfortunately, only a fraction of this investment
delivers real, measurable impact for American
citizens By using the cloud computing model for IT services,
we will be able to reduce our data center
infrastructure expenditure by approximately 30%7 (which
contributes to the estimated $20 billion of IT
spending that could be migrated to cloud computing solutions)
Similar efficiency improvements will
be seen in software applications and end-user support These
savings can be used to increase capacity
or be re invested in agency missions, including citizen-facing
services and inventing and deploying new
innovations Cloud computing can allow IT organizations to
simplify, as they no longer have to maintain
complex, heterogeneous technology environments Focus will
shift from the technology itself to the
core competencies and mission of the agency
Assets will be better utilized
Across the public and private sectors, data center infrastructure
investments are not utilized to their
fullest potential For example, according to a recent survey,
many agencies are not fully utilizing their
available storage capacity and are utilizing less than 30% of
their available server capacity 8 Low utiliza-
tion is not necessarily a consequence of poor management, but,
14. instead, a result of the need to ensure
that there is reserve capacity to meet periodic or unexpected
demand for key functions
With cloud computing, IT infrastructure resources are pooled
and shared across large numbers of
applications and organizations Cloud computing can
complement data center consolidation efforts
by shifting workloads and applications to infrastructures owned
and operated by third parties Capacity
can be provisioned to address the peak demand across a group
of applications, rather than for a single
application When demand is aggregated in this fashion and
properly managed, the peaks and troughs
of demand smooth out, providing a more consistent and
manageable demand profile
As utilization is improved, more value is derived from the
existing assets, reducing the need to continu-
ously increase capacity Fewer machines mean less spending on
hardware, software, and operations
maintenance, real estate, and power consumption
Demand aggregation will reduce duplication
The shift to cloud computing can help to mitigate the
fragmented data, application, and infrastructure
silo issues associated with federated organizational and funding
models by focusing on IT services as
a utility IT services become candidates for more cost effective
procurement and management, similar
to the model currently used for buildings and utility services
6 President’s FY2011 Budget
7 Gartner IT Key Metrics Data 2009, Bloomberg, McKinsey
analysis
8 Agency Data Center Consolidation Plans submitted to OMB,
15. August 2010
F E d E R A L C L O U d C O M p U T I N g S T R AT E g Y
8★ ★
Cloud computing has the potential to provide a more
interoperable and portable environment for data
and systems With the appropriate standards, over time,
organizations may be able to move to common
services and platforms
Data center consolidation can be accelerated
In February 2010, we launched the Federal Data Center
Consolidation Initiative (FDCCI) to con-
solidate the Federal Government’s fragmented data center
environment Through the FDCCI,
agencies have formulated detailed consolidation plans and
technical roadmaps to eliminate a
minimum of 800 data centers by 2015 9
Cloud computing can accelerate data center consolidation
efforts by reducing the number of applica-
tions hosted within government-owned data centers For those
that continue to be owned and operated
directly by Federal agencies (e g , by implementing private IaaS
clouds), environments will be more
interoperable and portable, which will decrease data center
consolidation and integration costs because
it reduces unnecessary heterogeneity and complexity in the IT
environment
IT will be simpler and more productive
Cloud computing also provides an indirect productivity benefit
16. to all services in the IT stack For example,
less effort will be required to stand up and develop software
testing environments, enabling application
development teams to integrate and test frequently in
production-representative environments at a
fraction of the cost of providing this infrastructure separately
Agility improvements will make services more responsive
The impact of cloud computing will be far more than economic
Cloud computing will also allow agen-
cies to improve services and respond to changing needs and
regulations much more quickly
With traditional infrastructure, IT service reliability is strongly
dependent upon an organization’s ability
to predict service demand, which is not always possible For
example, the IT system used in the Car
Allowance and Rebate System (CARS, more commonly known
as “Cash-For-Clunkers”) had numerous
failures because the load was considerably higher than what its
system could handle The sponsor for
“Cash-for-Clunkers,” the National Highway Traffic Safety
Administration (NHTSA) anticipated a demand
of 250,000 transactions over a four month period, but within
just 90 days, the system processed approxi-
mately 690,000 CARS transactions Within three days of the
first dealer registrations, the system was
overwhelmed, leading to numerous outages and service
disruptions The $1 billion appropriated for the
program was nearly exhausted within one week and an
additional $2 billion dollars was appropriated
to triple the potential number of transactions just nine days after
the program began NHTSA deployed
a customized commercial application hosted in a traditional data
center environment, but the CARS
17. system presented a very good example of an unpredictable
service demand and a short development
window that could have been more efficiently handled using a
cloud computing approach Cloud
computing will allow agencies to rapidly scale up to meet
unpredictable demand thus minimizing
9 OMB, 25-point implementation plan to reform Federal
information technology management, December 9, 2010,
http://www cio gov/documents/25-Point-Implementation-Plan-
to-Reform-Federal%20IT pdf
http://www.cio.gov/documents/25-Point-Implementation-Plan-
to-Reform-Federal%20IT.pdf
I . U N L E A S H I N g T H E p O W E R O F C L O U d
9★ ★
similar disruptions Notably, cloud computing also provides an
important option for agencies in meeting
short-term computing needs such as the one above; agencies
need not invest in infrastructure in cases
where service is needed for a limited period of time
Services will be more scalable
With a larger pool of resources to draw from, individual cloud
services are unlikely to encounter capac-
ity constraints As a result, government services such as “Cash-
for-Clunkers” would be able to more
rapidly increase capacity and avoid service outages Given
appropriate service level agreements and
governance to ensure overall capacity is met, cloud computing
will make the government’s IT invest-
ments less sensitive to the uncertainty in demand forecasts for
18. individual programs, which frequently
emerge rapidly in response to national program needs which
cannot be foreseen in the early stages of
the Federal budget cycle
Innovation improvements will rapidly enhance service
effectiveness
Cloud computing will not only make our IT services more
efficient and agile, it will also serve as an
enabler for innovation Cloud computing allows the Federal
Government to use its IT investments in a
more innovative way and to more easily adopt innovations from
the private sector Cloud computing
will also help our IT services take advantage of leading-edge
technologies including devices such as
tablet computers and smart phones
IT innovation has transformed how the private sector operates
and revolutionized the efficiency, con-
venience, and effectiveness with which it serves its customers
In our everyday lives, we can track the
status of a shipment; order a pizza or a pair of shoes; make
travel, hotel, and restaurant reservations;
and collaborate with friends and colleagues – all online,
anytime, and anywhere Yet, when it comes to
dealing with the Federal Government, we too often need to
stand in line, hold on the phone, or mail in
a paper form For many reasons such as policy and other
constraints, the Federal Government has not
innovated as quickly as the private sector and has consequently
missed out on many of the benefits
offered through IT
Encourage entrepreneurial culture by reducing risk
Cloud-based projects can be conceived, developed, and tested
19. with smaller initial investments than
traditional IT investments Rather than laboriously building data
center capacity to support a new
development environment, capacity can be provisioned in small
increments through cloud comput-
ing technologies After the small initial investment is made, the
project can be evaluated for additional
investment or cancellation Projects that show promise can gain
valuable insights through the evalua-
tion process Less promising projects can be cancelled with
minimal losses This “start small” approach
collectively reduces the risk associated with new application
development Reducing the minimum
required investment size will also provide a more experimental
development environment in which
innovation can flourish
11★ ★
II. dECISION FRAMEWORK
FOR CLOUd MIgRATION
The broad scope and size of the cloud transformation will
require a meaningful shift in how government
organizations think of IT Organizations that previously thought
of IT as an investment in locally owned
and operated applications, servers, and networks will now need
to think of IT in terms of services, com-
moditized computing resources, agile capacity provisioning
tools, and their enabling effect for American
citizens This new way of thinking will have a broad impact
across the entire IT service lifecycle – from
20. capability inception through delivery and operations
The following structured framework presents a strategic
perspective for agencies in terms of thinking
about and planning for cloud migration
Figure 3: Decision Framework for Cloud Migration
A broad set of principles and considerations for each of these
three major migration steps is presented
below Please refer to Section 3 for an illustration of how these
considerations can be applied, using
Federal case study examples
1. Selecting services to move to the cloud
Successful organizations carefully consider their broad IT
portfolios and create roadmaps for cloud
deployment and migration These roadmaps prioritize services
that have high expected value and
high readiness to maximize benefits received and minimize
delivery risk Defining exactly which cloud
services
required
ensure compliance and
continuous improvement
- evaluate vendor and
service models periodically to
maximize benefits and
21. minimize risks
ervices to
move and when
– Identify sources of value
for cloud migrations:
efficiency, agility,
innovation
– Determine cloud
readiness: security, market
availability, government
readiness, and technology
lifecycle
Select
? Aggregate demand at
Department level where
possible
and integration with IT
portfolio
agency needs are met
or decommissioning legacy
assets and redeploying freed
resources
Provision Manage
22. Framework is flexible and can be adjusted to meet individual
age ncy needs Framework is flexible and can be adjusted to
meet individual age ncy needs
to services
sets as
required
ensure compliance and
continuous improvement
- evaluate vendor and
service models periodically to
maximize benefits and
minimize risks
move and when
– Identify sources of value
for cloud migrations:
efficiency, agility,
innovation
– Determine cloud
readiness: security, market
availability, government
readiness, and technology
lifecycle
Select
Aggregate demand at
23. Department level where
possible
and integration with IT
portfolio
agency needs are met
or decommissioning legacy
assets and redeploying freed
resources
Provision Manage
Framework is flexible and can be adjusted to meet individual
age Framework is flexible and can be adjusted to meet
individual agency needs
F E d E R A L C L O U d C O M p U T I N g S T R AT E g Y
12★ ★
services an organization intends to provide or consume is a
fundamental initiation phase activity in
developing an agency roadmap
The chart shown below uses two dimensions to help plan cloud
24. migrations: Value and Readiness The
Value dimension captures cloud benefits in the three areas
discussed in Section 1 (i e , efficiency, agil-
ity, and innovation) The Readiness dimension broadly captures
the ability for the IT service to move
to the cloud in the near-term Security, service and market
characteristics, government readiness, and
lifecycle stage are key considerations As shown below,
services with relatively high value and readiness
are strong candidates to move to the cloud first
Figure 4: Selecting Services for Cloud Migration
The relative weight of the value and readiness dimensions can
be adjusted to meet the individual needs
of agencies Some agencies may stress innovation and security
while others may stress efficiency and
government readiness However, the logic and structure of the
framework should be applicable for all
agencies
Described below are a number of considerations for value and
readiness that agencies may find helpful
when completing this evaluation
I I . d E C I S I O N F R A M E W O R K F O R C L O U d
M I g R AT I O N
13★ ★
Identify sources of value
25. As described in Section 1, cloud computing provides three
primary sources of business value: efficiency,
agility, and innovation Listed below are a number of
considerations for each value category
Agencies should feel free to stress one or more of these sources
of value according to their individual
needs and mission goals For instance, some agencies may place
a higher value on agility, while others
may stress cost savings brought about by greater computing
efficiency
Efficiency: Efficiency gains can come in many forms, including
higher computer resource utilization due
to the employment of contemporary virtualization technologies,
and tools that extend the reach of the
system administrator, lowering labor costs Efficiency
improvements can often have a direct impact on
ongoing bottom line costs Further, the nature of some costs
will change from being capital investment
in hardware and infrastructure (CapEx) to a pay-as-you go
(OpEx) model with the cloud, depending on
the cloud deployment model being used Services that have
relatively high per-user costs, have low
utilization rates, are expensive to maintain and upgrade, or are
fragmented should receive a relatively
high priority for consideration
Agility: Many cloud computing efforts support rapid automated
provisioning of computing and storage
resources In this way, cloud computing approaches put IT
agility in the hands of users, and this can be
a qualitative benefit Existing services that require long lead
times to upgrade or increase / decrease
capacity should receive a relatively high priority for
consideration, and so should new or urgently
26. needed services to compress delivery timelines as much as
possible Services that are easy to upgrade,
are not sensitive to demand fluctuations, or are unlikely to need
upgrades in the long-term can receive
a relatively low priority
Innovation: Agencies can compare their current services to
contemporary marketplace offerings, or
look at their customer satisfaction scores, overall usage trends,
and functionality to identify the need for
potential improvements through innovation Services that would
most benefit from innovation should
receive a relatively high priority
Determine cloud readiness
It is not sufficient to consider only the potential value of
moving to cloud services Agencies should make
risk-based decisions which carefully consider the readiness of
commercial or government providers
to fulfill their Federal needs These can be wide-ranging, but
likely will include: security requirements,
service and marketplace characteristics, application readiness,
government readiness, and program’s
stage in the technology lifecycle Similar to the value
estimation, agencies should be free to stress one
or more of these readiness considerations according to their
individual needs
Security Requirements: Federal Government IT programs have a
wide range of security requirements
Federal Information Security Management Act (FISMA)
requirements include but are not limited to:
compliance with Federal Information Processing Standards
agency specific policies; Authorization to
Operate requirements; and vulnerability and security event
27. monitoring, logging, and reporting It is
essential that the decision to apply a specific cloud computing
model to support mission capability
considers these requirements Agencies have the responsibility
to ensure that a safe, secure cloud solu-
tion is available to provide a prospective IT service, and should
carefully consider agency security needs
across a number of dimensions, including but not limited to:
F E d E R A L C L O U d C O M p U T I N g S T R AT E g Y
14★ ★
• Statutory compliance to laws, regulations, and agency
requirements
• Data characteristics to assess which fundamental protections
an application’s data set requires
• Privacy and confidentiality to protect against accidental and
nefarious access to information
• Integrity to ensure data is authorized, complete, and accurate
• Data controls and access policies to determine where data can
be stored and who can access
physical locations
• Governance to ensure that cloud computing service providers
are sufficiently transparent, have
adequate security and management controls, and provide the
information necessary for the
agency to appropriately and independently assess and monitor
the efficacy of those controls
28. For additional discussion and considerations regarding trust and
security in the context of cloud com-
puting, please refer to the online NIST cloud computing
resources 10
Service characteristics: Service characteristics can include
service interoperability, availability, perfor-
mance, performance measurement approaches, reliability,
scalability, portability, vendor reliability, and
architectural compatibility
Storing information in the cloud will require a technical
mechanism to achieve compliance with records
management laws, policies and regulations promulgated by both
the National Archives and Records
Administration (NARA) and the General Services
Administration (GSA) The cloud solution has to sup-
port relevant record safeguards and retrieval functions, even in
the context of a provider termination
Depending on the organizational missions supported by the
cloud capability, Continuity of Operations
(COOP) can be a driving solution requirement The purpose of a
COOP capability is to ensure that
mission-essential functions continue to be available in times of
crisis or against a spectrum of threats
Threats can include a wide range of potential emergencies,
including localized acts of nature, accidents,
and technological and/or attack-related emergencies
The organization should consider scalability requirements
concerning the ability of the cloud solution
architecture to either grow or shrink over time, with varying
levels of processing, storage, or service
handling capability They should also consider both the impact
29. on their business processes if network
connectivity to their cloud provider fails, resulting in a loss of
IT capability, and the possibility (likelihood)
of this occurrence
Requirements concerning administrative support should be
included as well, covering topics such as the
daily hours of prime support, problem escalation times,
resolution of recurring problems, and trouble
ticket submission methods
Market Characteristics: Agencies should consider the cloud
market competitive landscape and matu-
rity, including both fully commercial and government-provided
cloud services Agencies can consider
whether cloud markets are sufficiently competitive and are not
dominated by a small number of players
Agencies can consider whether there is a demonstrated
capability to move services from one provider
10 http://csrc nist gov/groups/SNS/cloud-computing/
http://www nist gov/itl/cloud/index cfm
http://csrc.nist.gov/groups/SNS/cloud-computing/
http://www.nist.gov/itl/cloud/index.cfm
I I . d E C I S I O N F R A M E W O R K F O R C L O U d
M I g R AT I O N
15★ ★
to another, and whether there is a demonstrated capability to
distribute services between two or more
providers in response to service quality and capacity Agencies
should consider the availability of techni-
30. cal standards for cloud interfaces which reduce the risk of
vendor lock-in
Network infrastructure, application and data readiness: Before
migrating to the cloud agencies
must ensure that the network infrastructure can support the
demand for higher bandwidth and that
there is sufficient redundancy for mission critical applications
Agencies should update their continuity
of operations plans to reflect the increased importance of a
high-bandwidth connection to the Internet
or service provider Another key factor to assess when
determining readiness for migration to the cloud
is the suitability of the existing legacy application and data to
either migrate to the cloud (i e , rehost
an application in a cloud environment) or be replaced by a cloud
service (i e , retire the legacy system
and replace with commercial SaaS equivalent) If the candidate
application has clearly articulated and
understood interfaces and business rules, and has limited and
simple coupling with other systems and
databases, it is a good candidate along this dimension If the
application has years of accumulated and
poorly documented business rules embedded in code, and a
proliferation of subtle or poorly understood
interdependencies with other systems, the risks of “breakage”
when the legacy application is migrated
or retired make this a less attractive choice for early cloud
adoption
Government readiness: In addition, agencies should consider
whether or not the applicable orga-
nization is pragmatically ready to migrate their service to the
cloud Government services which have
capable and reliable managers, the ability to negotiate
appropriate SLAs, related technical experience,
31. and supportive change management cultures should receive a
relatively high priority Government
services which do not possess these characteristics but are
otherwise strong cloud candidates should
take steps to alleviate any identified concerns as a matter of
priority
Technology lifecycle: Agencies should also consider where
technology services (and the underlying
computing assets) are in their lifecycle Services that are
nearing a technology refresh, approaching the
conclusion of their negotiated contract, or are dependent upon
inefficient legacy software or hardware
should receive a relatively high priority Technology services
that were recently upgraded, locked within
contract, and are based on leading-edge technology may want to
wait before migrating to the cloud
2. Provisioning cloud services effectively
To effectively provision selected IT services, agencies will need
to re think their processes as provision-
ing services rather than simply contracting assets Contracts
that previously focused on metrics such
as number of servers and network bandwidth now should focus
on the quality of service fulfillment
Organizations that are most successful in cloud service
provisioning carefully think through a number
of factors, including:
Aggregate demand: When considering “commodity” and
common IT services, agencies should pool
their purchasing power by aggregating demand to the greatest
extent possible before migrating ser-
vices to the cloud Where appropriate, demand should be
aggregated at the departmental level and as
32. part of the government-wide shared services initiatives such as
government-wide cloud-based email
F E d E R A L C L O U d C O M p U T I N g S T R AT E g Y
16★ ★
Integrate services: Agencies should ensure that the provided IT
services are effectively integrated into
their wider application portfolio In some cases, technical
experts may be required to evaluate architec-
tural compatibility of the provided cloud service and other
critical applications Rather than a one-time
event, this principle should be followed over time to guarantee
that systems remain interoperable as
individual IT services evolve within the portfolio Business
process change may similarly be required to
properly integrate the systems (e g , adjusting call center
processes)
Contract effectively: Agencies should also ensure that their
contracts with cloud service providers set
the service up for success Agencies should minimize the risk of
vendor lock-in, for instance, to ensure
portability and encourage competition among providers
Agencies should include explicit service level
agreements (SLAs) for security, continuity of operations, and
service quality that meet their individual
needs Agencies should include a contractual clause enabling
third parties to assess security controls
of cloud providers The SLA should specify the support steps
that the consumer can take when the
service is failing to meet the terms specified in the agreement,
and should include points-of-contact
33. and escalation procedures It is important to be precise in the
definition of metrics and specify when and
where they will be collected For example, performance is
different when measured from the consumer
or provider due to the network delays Metrics should measure
characteristics under the control of the
vendor Finally, the SLA should describe a mutual management
process for the service levels, including
periodic reporting requirements and meetings for management
assessments
Realize value: Agencies should take steps during migration to
ensure that they fully realize the expected
value From an efficiency standpoint, legacy applications and
servers should be shut down and decom-
missioned or repurposed Data center real estate used to support
these systems should be closed down
or used to support higher value-add activities Where possible,
staff supporting these systems should be
trained and re-deployed to higher-value activities From an
agility and innovation standpoint, processes
and capabilities may also need to be refined in order to fully
capture the value of the investment
3. Managing services rather than assets
To be successful, agencies must manage cloud services
differently than traditional IT assets As with
provisioning, cloud computing will require a new way of
thinking to reflect a service-based focus rather
than an asset-based focus Listed below are a few considerations
for agencies to effectively manage
their cloud services
Shift mindset: Organizations need to re-orient the focus of all
parties involved – providers, government
agencies, and end users – to think of services rather than assets
34. Organizations that successfully make
this transition will effectively manage the system towards
output metrics (e g , SLAs) rather than input
metrics (e g , number of servers)
Actively monitor: Agencies should actively track SLAs and hold
vendors accountable for failures
Agencies should stay ahead of emerging security threats and
ensure that their security outlook is
constantly evolving faster than potential attacks Agencies may
also consider incorporating business
user feedback into evaluation processes Finally, agencies
should track usage rates to ensure charges
do not exceed funded amounts
I I . d E C I S I O N F R A M E W O R K F O R C L O U d
M I g R AT I O N
17★ ★
It can be advantageous for a consumer to “instrument” key
points on the network to measure perfor-
mance of cloud service providers For example, commercial
tools can report back to a centralized data
store on service performance, and instrumentation agents can be
placed with participating consumers
and at the entry point of the service provider on the network By
gathering data across providers on
the performance of pre-planned instrumented service calls
throughout typical work periods, service
managers can better judge where performance bottlenecks arise
Agencies should include requirements
for service instrumentation where appropriate
35. Re-evaluate periodically: Agencies should periodically re-
evaluate the choice of service and vendor
to ensure that efficiency, agility, and innovation are maximized
Agencies should ensure portability and
hold competitive bids for cloud services at regular intervals
Agencies should also consider increasing
the scope of cloud-provided services as markets mature (e g ,
moving from IaaS solutions to PaaS and
SaaS solutions) Opportunities to consolidate and standardize
solutions between agencies should be
periodically evaluated as well, particularly for “commodity”
services To effectively conduct re-evaluations,
agencies should maintain awareness of changes in the
technology landscape, in particular, the readiness
of new cloud technologies, commercial innovation, and new
cloud vendors
19★ ★
III. CASE EXAMpLES TO
ILLUSTRATE FRAMEWORK
Many Federal agencies have already taken their first steps
towards cloud computing In each case,
the agency achieved considerable benefits to efficiency, agility,
or innovation in support of its unique
mission The following case studies illustrate how these Federal
agencies successfully migrated toward
cloud services consistent with the select / provision / manage
framework outlined in Section 2
1. Tailoring solution to protect security and maximize value
36. In 2008, the Army Experience Center (AEC) realized that it
needed a new Customer Relationship
Management (CRM) system to track personal and electronic
engagements with prospects and help
recruiting staff manage the recruitment process
After considering several options including upgrading their 10-
year-old legacy proprietary data system,
the Army chose a customized version of a commercially-
available SaaS solution This solution met their
unique security needs, fulfilled all of their functionality
requirements, and was delivered at a fraction of
the time and expense required to upgrade their legacy system
The Army followed many of the key factors outlined in Section
2 when migrating toward their cloud
solution:
Selecting a cloud solution
The Army placed a very high priority on security when
considering its CRM solution Before choosing
a cloud solution, the AEC carefully weighed the sources of
value and readiness of potential solutions
Efficiency: The AEC compared the cost of upgrading their
existing system to configuring a new SaaS
solution Initial bids to upgrade the existing system, ARISS,
which relied on traditional infrastructure,
ranged from $500,000 to over $1 million Initial pilots of the
SaaS solution cost as little as $54,000, just
over 10% of the minimum cost of an ARISS system upgrade
Agility: The AEC also considered the time required to deploy
the system Despite regular upgrades over
the years, it was infeasible to modify ARISS to meet the Army
37. Experience Center’s requirements The
SaaS solution could be provisioned in a fraction of the time
required to upgrade the ARISS system The
SaaS solution was also more scalable and would be far easier to
upgrade over time
Innovation: The SaaS solution integrated directly with e-mail
and Facebook, allowing recruiters to
connect with participants more dynamically after they left the
AEC Army recruiters could also access
information from anywhere These advancements would have
been very costly and time-consuming
to achieve with ARISS system upgrades In effect, the SaaS
solution allowed the AEC to take advantage
of the cloud vendor’s innovation engine without owning or
managing heavy IT assets
F E d E R A L C L O U d C O M p U T I N g S T R AT E g Y
20★ ★
Security: The AEC ensured the cloud solution would be
sufficiently secure The SaaS solution was flex-
ible and could be configured to securely manage access,
sovereignty, and data retention requirements
Market availability: The SaaS solution was able to meet all of
the AEC’s requirements including the
ability to track AEC visitor and engagement data, compatibility
with handheld devices, and real-time
integration with marketing and recruitment data
Government readiness: The AEC ensured that it was both
capable and ready to migrate their services
38. to the cloud The AEC had experience implementing new
technologies, had a culture that supported
experimentation and improvement, and possessed the skills and
capacity to manage the transition well
Technology lifecycle: The AEC also evaluated the lifecycle of
its legacy solution The legacy ARISS system
was more than 10 years old in 2008 and was not burdened by
contract lock-down
Provisioning IT services
During provisioning, the AEC took an approach which was
distinctly different from the Army’s former
approach with ARISS This approach reflected the service-based
rather than asset-based nature of the
cloud service
Integrate services: As the Army transferred its recruitment
system to the cloud, it carefully engineered
its relationship with the vendor to ensure a successful migration
Realize value: With the cloud-based solution, the AEC has been
able to handle the workload of five
traditional recruitment centers The system has also resulted in
dramatically reduced hardware costs and
IT staff costs The Army has decommissioned, or re-purposed
for other systems, all hardware related to
the legacy ARISS system Its people have been spending more
time on more rewarding and higher-value
activities, shifting time from filing reports to engaging with
potential recruits
2. Provisioning to ensure competitiveness and capture value
USDA recently launched a broad initiative to modernize and
streamline USDA’s IT infrastructure As part
39. of this initiative, USDA aimed to consolidate 21 fragmented e-
mail systems and improve the productiv-
ity of its workers Rather than continuing efforts to consolidate
the fragmented environment internally,
the USDA chose a proven cloud-based email solution to
accelerate consolidation and take advantage
of the latest communication and collaboration tools
Effective provisioning was critical for the USDA to realize the
value of cloud migration Previously, the
USDA had focused on contracting for its 21 email systems As a
provisioner, the USDA needed to care-
fully aggregate demand, ensure integration with downstream
applications, reflect its priorities in its
contracts, and retire legacy systems to capture value
The USDA followed many of the key factors outlined in Section
2 when migrating toward their cloud
solution:
I I I . C A S E E X A M p L E S T O I L L U S T R AT E F
R A M E W O R K
21★ ★
Selecting a cloud solution
The USDA carefully evaluated the sources of value and service
readiness before choosing the cloud-
based solution:
Efficiency: Financially, the motivation to move to cloud was
compelling Eliminating the 21 fragmented
e-mail systems would drastically reduce duplication, not only
40. with software and hardware assets, but
also by reducing the number of system interfaces that need to be
maintained on a regular basis USDA
estimates that the cloud solution will save up to $6 million per
year, to include ongoing costs for hard-
ware refreshment and software upgrades
Agility: Consolidating and upgrading their fragmented
traditional environment would have taken years
to complete With the cloud solution, USDA was able to access
the cloud provider’s existing capacity
to accommodate its 120,000 users Migration would require
months rather than years Once complete,
the solution would be more scalable to the needs of USDA
Innovation: The cloud solution allowed USDA to make the
latest communication and collaboration
tools available to its workers including SharePoint, Office
Communications, and Live Meeting online
services In addition, USDA was able to incorporate e-discovery
and archive features
Market availability: The functionality offered by the cloud
solution met the needs of USDA The cloud
provider also had experience hosting very large email systems,
including 300,000 users from a large
private sector client Cloud-provided e-mail is a vibrant,
competitive market with several capable market
incumbents
Government readiness: Senior leadership was actively involved
and highly motivated to improve
the efficiency and quality of the email services The USDA CIO
was personally involved in many of the
decisions The broader transformation program also provided
valuable delivery resources to execute
41. the migration
Technology lifecycle: The 21 email systems were approaching
the end of their usable lifecycle and
were not burdened by inflexible contracts
Provisioning IT services
USDA’s provisioning approach reflected a service-based
mindset rather than an asset-based mindset
Aggregate demand: USDA implemented their cloud email
solution on an agency-wide level This
approach maximized benefits and addressed their primary,
fundamental concern – fragmented email
systems The approach also allowed USDA to take full
advantage of the momentum created by the
broader transformation agenda
Integrate services: An auxiliary contract was awarded to a
systems integrator to ensure the e-mail
system was properly integrated with the various interfacing
USDA systems Seven hundred applications
reliant upon email were analyzed – only four had to be recoded
to maintain operations
Contract effectively: USDA benchmarked their cloud provider
against the industry to ensure competi-
tive market rates USDA also embedded explicit SLAs into the
contract, according to its mission needs
F E d E R A L C L O U d C O M p U T I N g S T R AT E g Y
22★ ★
42. Realize value: Previously used IT assets are on track to be
decommissioned and/or re-deployed as part
of the wider IT modernization strategy Individuals formerly
working on email have been reassigned
to higher-value projects and activities, with some continuing to
coordinate service delivery of email
Managing cloud services
USDA has revised its management approach to reflect a service-
based rather than asset-based mindset
Build new management skills: USDA built up its contract
management and performance manage-
ment capabilities to support the new cloud environment USDA
also relied on a system integrator to
temporarily provide the skills and expertise to successfully
complete the migration
Active monitoring: USDA will continuously monitor the SLAs
outlined in their cloud service contract
This includes security issues such as domestic storage of data
and performance metrics such as minimum
uptime, recovery speed, and bandwidth latency
3. Re-defining IT from an asset to a service
The Defense Information Systems Agency (DISA) provides
global infrastructure services to support US
and coalition fighting forces To better meet the needs of
defense-related computing needs domestically
and in the field, DISA decided to deploy its own Infrastructure-
as-a-Service (IaaS) solution
DISA’s Rapid Access Computing Environment (RACE) has
redefined defense infrastructure from an
43. asset management function to a service provisioning function
Since the inception of the cloud-based
solution, hundreds of military applications including command
and control systems, convoy control
systems, and satellite programs have been developed and tested
on RACE
DISA followed many of the key factors outlined in Section 2
when implementing their cloud solution:
Selecting a cloud solution
DISA determined that a private IaaS solution would realize the
desired improvements in efficiency,
agility, and innovation while maintaining strict security controls
Efficiency: RACE has been able to reach higher utilization
levels through cloud technologies than
previously available via traditional infrastructure by
aggregating demand and thus smoothing out peak
loads These improvements in utilization divide the costs of
provisioning and operating infrastructure
among a broader group of consumers
Agility: Using traditional infrastructure, provisioning a
dedicated server environment required 3 to 6
weeks With RACE, the time required to provision functional
service space for users is now 24 hours
Security: RACE has built-in application separation controls so
that all applications, databases, and
web servers are separate from each other DISA also has a strict
cleansing process, to be used when an
application needs to be removed from the RACE platform
44. I I I . C A S E E X A M p L E S T O I L L U S T R AT E F
R A M E W O R K
23★ ★
Managing cloud services
As DoD organizations obtain infrastructure through RACE, they
are able to shift focus toward software
design while interfacing with RACE staff through SLAs
Shift mindset: RACE has actively encouraged a service-based
mindset from its users DISA created a
self-service portal through which users can provision services in
50GB increments through a government
credit card Project and software designers have increasingly
used RACE to meet their infrastructure
needs rather than relying on custom infrastructure
configurations
Build new management skills: DISA built new capabilities to
support their operations On the supply
side, a single operational manager is ultimately responsible for
meeting cost and performance metrics
A new demand manager has also been added to solicit,
prioritize, and coordinate user needs for service
improvements
Actively monitor: DISA monitors and continuously improves a
number of SLAs focused on service
quality Performance dashboards include average and maximum
wait times for provisioning services
in the field
Re-evaluate periodically: Less than one year after launching the
45. IaaS service, DISA announced that it
would provide private SaaS services, such as the RightNow
installation for the Air Force
25★ ★
IV. CATALYZINg CLOUd AdOp TION
As agencies develop plans to migrate services to cloud
computing options, there are a number of
activities that Federal Government leadership can take to
facilitate adoption and mitigate risk Cloud
computing “accelerators,” described below, can help improve
the pace of evaluating candidate ser-
vices and acquisitions Government-wide Certification and
Accreditation (C&A) and security efforts
at the Department of Homeland Security (DHS) and NIST can
help agencies efficiently acquire cloud
computing capabilities and mitigate threats Procurement efforts
can be streamlined through the use
of government-wide procurement vehicles and storefronts such
as those found at Apps gov Further,
NIST is driving a standards effort that is focused on
requirements to ensure security, interoperability,
and portability among cloud service providers
1. Leveraging cloud computing accelerators
Cloud computing accelerators are resources available to
agencies to expedite the process of evaluating
cloud candidates, acquiring the cloud capability, and mitigating
risk 11
Cloud computing business case templates and examples
46. The Federal CIO Council has developed cloud computing
business cases and will continue to build this
library to support agencies in their cloud computing decisions
Agencies should seek out business cases of similar scope or
purpose to speed up the development of
their own cloud computing business cases (e g , decision criteria
for moving cloud email, cloud CRM,
cloud storage)
Government cloud computing community and resources
Agencies should participate in government cloud computing
working groups at NIST and GSA on topics
such as standards, reference architecture, taxonomy, security,
privacy and business use cases 12 Agencies
can also leverage portals, such as NIST’s Collaboration site,
which provides access to useful information
for cloud adopters 13 More cloud computing resources are
included in Appendix 2
Despite the resources discussed above, agencies may face a
number of issues that can impede their
ability to fully realize the benefits from a cloud computing
approach As in the case of all technology
advancement, these challenges will change over time, as the
cloud computing marketplace evolves In
the near-term, organizations within the Federal Government,
including OMB, NIST, GSA, and DHS, have
developed and continue to develop practical guidance on issues
related to security, procurement, and
standards and are establishing the governance foundation
required to support delivery
11 Adopted from Raines and Pizette, A Decision Process for
47. Applying Cloud Computing in Federal Environments, 2010
12 http://collaborate nist gov/twiki-cloud-
computing/bin/view/CloudComputing/WebHome,
http://www info apps gov/node/2
13 http://collaborate nist gov/twiki-cloud-
computing/bin/view/CloudComputing/WebHome
http://www.apps.gov/cloud/advantage/main/start_page.do
http://collaborate.nist.gov/twiki-cloud-
computing/bin/view/CloudComputing/WebHome
http://www.info.apps.gov/node
http://collaborate.nist.gov/twiki-cloud-
computing/bin/view/CloudComputing/WebHome
F E d E R A L C L O U d C O M p U T I N g S T R AT E g Y
26★ ★
2. Ensuring a secure, trustworthy environment
As the Federal Government moves to the cloud, it must be
vigilant to ensure the security and proper
management of government information to protect the privacy
of citizens and national security
The transition to outsourced, cloud computing environment is in
many ways an exercise in risk manage-
ment Risk management entails identifying and assessing risk,
and taking the steps to reduce it to an
acceptable level Throughout the system lifecycle, risks that are
identified must be carefully balanced
against the security and privacy controls available and the
expected benefits Too many controls can
be inefficient and ineffective Federal agencies and
organizations should work to ensure an appropriate
48. balance between the number and strength of controls and the
risks associated with cloud computing
solutions
The Federal Government will create a transparent security
environment between cloud providers and
cloud consumers The environment will move us to a level
where the Federal Government’s under-
standing and ability to assess its security posture will be
superior to what is provided within agencies
today The first step in this process was the 2010 Federal Risk
and Authorization Management Program
(FedRAMP) FedRAMP defined requirements for cloud
computing security controls, including vulner-
ability scanning, and incident monitoring, logging and reporting
14 Implementing these controls will
improve confidence and encourage trust in the cloud computing
environment
To strengthen security from an operational perspective, DHS
will prioritize a list of top security threats
every 6 months or as needed, and work with a government-wide
team of security experts to ensure that
proper security controls and measures are implemented to
mitigate these threats
NIST will issue technical security guidance,15 such as that
focused on continuous monitoring for cloud
computing solutions, consistent with the six step Risk
Management Framework (Special Publication
800-37, Revision 1) 16
14 http://www fedramp gov
15 Ref National Institute of Standards and Technology (NIST)
statutory responsibilities for developing standards
49. and guidelines, Federal Information Security Management Act
(FISMA) of 2002, Public Law 107-347
16 http://www nist gov/itl/csd/guide_030210 cfm
http://www.fedramp.gov
http://www.nist.gov/itl/csd/guide_030210.cfm
I V. C ATA LY Z I N g C L O U d A d O p T I O N
27★ ★
Figure 5: NIST Risk Management Framework
Agencies assessing risk in the context of cloud computing
should consider both the potential security
benefits and potential vulnerabilities
Potential security benefits of using cloud computing services
include:
• the ability to focus resources on areas of high concern as
more general security services are
assumed by the cloud provider
• potential platform strength resulting from greater uniformity
and homogeneity, and result-
ing improved information assurance, security response, system
management, reliability, and
maintainability
• improved resource availability through scalability,
redundancy and disaster recovery capabili-
ties; improved resilience to unanticipated service demands
• improved backup and recovery capabilities, policies,
50. procedures and consistency
• ability to leverage alternate cloud services to improve the
overall security posture, including
that of traditional data centers
F E d E R A L C L O U d C O M p U T I N g S T R AT E g Y
28★ ★
Agencies should also weigh the additional potential
vulnerabilities associated with various cloud
computing service and deployment models, such as:
• the inherent system complexity of a cloud computing
environment, and the dependency on
the correctness of these components and the interactions among
them
• the dependency on the service provider to maintain logical
separation in a multi-tenant
environment (n b , not unique to the cloud computing model)
• the need to ensure that the organization retains an appropriate
level of control to obtain
situational awareness, weigh alternatives, set priorities, and
effect changes in security and
privacy that are in the best interest of the organization
Key security considerations include the need to:
• carefully define security and privacy requirements during the
51. initial planning stage at the
start of the systems development life cycle
• determine the extent to which negotiated service agreements
are required to satisfy
security requirements; and the alternatives of using negotiated
service agreements or cloud
computing deployment models which offer greater oversight and
control over security and
privacy
• assess the extent to which the server and client-side
computing environment meets
organizational security and privacy requirements
• continue to maintain security management practices, controls,
and accountability over the
privacy and security of data and applications
In the short and long-term, these actions will continue to
improve our confidence in the use of cloud
services by helping to mitigate security risks
3. Streamlining procurement processes
Currently, the government often purchases commodities in a
fragmented non-aggregated fashion,
operating more like a federation of small businesses than an $80
billion enterprise To improve readiness
for cloud computing, the Federal Government will facilitate an
“approve once and use often” approach
to streamline the approval process for cloud service providers
For instance, a government-wide risk and
authorization program for IaaS solutions will allow agencies to
rely on existing authorizations so only
additional, agency-specific requirements will need to be
authorized separately The GSA’s IaaS contract
52. award is an example of this “approve once and use often”
approach It offers 12 approved cloud vendors
to provide agencies with cloud storage, virtual machines, and
web hosting services Approaches such
as this will eliminate unnecessary cost and delivery delays
associated with duplication of effort
As the number of government cloud providers increases, GSA
will provide comparison tools to transpar-
ently compare cloud providers side-by-side These tools will
allow agencies to quickly and effectively
select the best offering for their unique needs Examples include
Apps gov, which provides a centralized
storefront where agencies can easily browse and compare cloud
SaaS and IaaS offerings from previous
http://www.apps.gov/cloud/advantage/main/start_page.do
I V. C ATA LY Z I N g C L O U d A d O p T I O N
29★ ★
Multiple Award Schedule (MAS) 70 contract holders Tools
such as these will reduce the burden on agen-
cies to conduct their own RFP processes and will concentrate
investments in the highest-performing
cloud providers
Furthermore, GSA will establish contract vehicles for
government-wide commodity services (e g , email)
These contract vehicles will reduce the burden on agencies for
the most common IT services GSA will
also create working groups to support commodity service
migration These working groups will develop
technical requirements for shared services to reduce the
53. analytical burden on individual government
agencies For example, the SaaS E-mail working group
established in June 2010 is synthesizing require-
ments for government-wide e-mail services Working groups
will also create business case templates
for agencies that are considering transitioning to cloud
technologies
Federal Government contracts will also provide riders for state
and local governments These riders will
allow all of these governments to realize the same procurement
advantages of the Federal Government
Increasing membership in cloud services will further drive
innovation and cost efficiency by increasing
market size and creating larger efficiencies-of-scale
4. Establishing cloud computing standards
Standards will be critical for the successful adoption and
delivery of cloud computing, both within the
public sector and more broadly Standards encourage
competition by making applications portable
across providers, allowing Federal agencies to shift services
between providers to take advantage of cost
efficiency improvements or innovative new product
functionality Standards are also critical to ensure
clouds have an interoperable platform so that services provided
by different providers can work together,
regardless of whether they are provided using public, private,
community, or a hybrid delivery model
NIST will play a central role in defining standards, and
collaborating with Agency CIOs, private sector
experts, and international bodies to identify, prioritize, and
reach consensus on standardization priori-
ties 17 In 2010, NIST conducted engagement workshops to
identify and prioritize needs Going forward,
54. NIST will generate, assess, and revise a cloud computing
roadmap on a periodic basis This roadmap will
iteratively define and track the agreed-upon cloud computing
priorities in order to coordinate cloud
efforts across stakeholders
NIST will maintain a leadership role in prioritizing, developing,
evolving and refining standards over
time as the collective requirements for standards evolve in
response to operationally driven innovation
and technology evolution NIST has already helped to establish
broadly adopted definitions for the four
commonly recognized cloud deployment models (i e , private,
public, hybrid, and community) and three
service models (i e , Infrastructure as a Service, Platform as a
Service, and Software as a Service), as dis-
cussed in Section 1 However, these definitions need to be
expanded to more comprehensively define a
reference architecture and taxonomy to provide a common frame
of reference for communication NIST
is currently working with industry and other cloud computing
stakeholders to define a neutral reference
architecture that is not tied to a specific set of vendor solutions
or products or constrained in such a
17 Ref National Institute of Standards and Technology (NIST)
is directed to bring together Federal agencies, as
well as State and local governments, to achieve greater reliance
on voluntary standards and decreased dependence on
in-house standards , National Technology Transfer and
Advancement Act (NTTAA) 1995, Public Law 104 -113
F E d E R A L C L O U d C O M p U T I N g S T R AT E g Y
55. 30★ ★
way that it will inhibit innovation As cloud providers create
new solutions, this reference architecture
will serve as the basis for an “apples to apples” comparison of
cloud computing services This will help
agencies to understand how various services fit together
Similarly, NIST will need to expand these
definitions as new deployment models arise
NIST will work with agencies to define a set of “target”
business use cases that pose the greatest chal-
lenges by risks, concerns, or constraints NIST will help to
identify operationally driven priorities for
cloud computing standards and guidance by working with
Federal agencies and other stakeholders to
define a set of mission driven scenarios for cloud computing
implementation and operations These will
be used to focus and help to translate mission requirements into
technical portability, interoperability,
reliability, maintainability and security requirements For
example, a business use case may reflect the
migration of patent application software to cloud IaaS Once
identified, NIST will work with agencies and
industry to model, using a vendor neutral reference architecture
and taxonomy as a frame of reference,
various options for addressing these challenges Ultimately, this
research will result in the definition of
new standards, guidance, and technology requirements 18
NIST will continue to execute the tactical Standards
Acceleration to Jumpstart Adoption of Cloud
Computing (SAJACC) project, which plays a role in validating
key cloud specifications and sharing
information, in order to build confidence in cloud computing
technology before formalized standards
56. are available To date, SAJACC has defined 24 generic
technical use cases that can be used to validate key
interoperability, security, and portability requirements One
example is the ability to move data in to and
out of a cloud provider’s environment, and to verify that data is
adequately deleted when removed using
commonly available interfaces defined by industry SAJACC
will support industry in moving forward
with standardization in parallel with the formal consensus based
standards organizations’ processes
5. Recognizing the international dimensions of cloud computing
The growth of any new technology presents two fundamental
dynamics: (1) the power to transform
and (2) the need to examine existing paradigms in that same
field Cloud computing has brought to the
forefront several international policy issues that need to be
addressed over the next decade as cloud
computing matures Issues to consider include:
• Data sovereignty, data in motion, and data access: How do
countries strike the proper balance
between privacy, security and intellectual property of national
data?
• Are there needs for international cloud computing legal,
regulatory, or governance frameworks?
• Cloud computing codes of conducts for national governments,
industry, and non-governmental
organizations
• Data interoperability and portability in domestic and
international settings
• Ensuring global harmonization of cloud computing standards
57. 18 www nist gov/itl/cloud/bususecases cfm
www.nist.gov/itl/cloud/bususecases.cfm
I V. C ATA LY Z I N g C L O U d A d O p T I O N
31★ ★
6. Laying a solid governance foundation
This strategy is the first step in the process of migrating
towards cloud technologies, both within the
public and private sector The Federal Government will play a
vital role throughout this process to
identify and resolve cloud issues of national importance As
issues are increasingly resolved, the Federal
Government will re-focus its priorities towards more pressing
issues
To effectively manage these governance issues in the long-term,
the Federal Government needs to lay
a stable governance foundation that will outlast single
individuals or administrations To the best extent
possible, individuals or committees should have explicitly
defined roles, non-overlapping responsibilities,
and a clear decision-making hierarchy These steps will
empower the government for action, minimize
unnecessary bureaucracy, and ensure accountability for results
The following bodies will therefore have these roles and
responsibilities:
• National Institute of Standards and Technology (NIST) will
lead and collaborate with Federal, State,
and local government agency CIOs, private sector experts, and
58. international bodies to identify
and prioritize cloud computing standards and guidance
• General Service Administration (GSA) will develop
government-wide procurement vehicles and
develop government-wide and cloud-based application solutions
where needed
• Department of Homeland Security (DHS) will monitor
operational security issues related to the
cloud
• Agencies will be responsible for evaluating their sourcing
strategies to fully consider cloud
computing solutions
• Federal CIO Council will drive government-wide adoption of
cloud, identify next-generation
cloud technologies, and share best practices and reusable
example analyses and templates
• The Office of Management and Budget (OMB) will coordinate
activities across governance bodies,
set overall cloud-related priorities, and provide guidance to
agencies
33★ ★
V. CONCLUSION
Cheaper processors, faster networks, and the rise of mobile
devices are driving innovation faster than
ever before Cloud computing is a manifestation and core
59. enabler of this transformation Just as the
Internet has led to the creation of new business models
unfathomable 20 years ago, cloud computing
will disrupt and reshape entire industries in unforeseen ways
To paraphrase Sir Arthur Eddington – the
physicist who confirmed Einstein’s Theory of General
Relativity – cloud computing will not just be more
innovative than we imagine; it will be more innovative than we
can imagine
IDC predicted that by this year, the digital universe would be 10
times the size it was in 2006 – that is, nine
times more digital content would be created within five years
than all of history before 19 This explosion
of data, combined with the mobilization of digital access,
portends major improvements in on-the-go
intelligence Examples of transformative changes exist across
all government agencies and it is the
responsibility of those in government to be in the forefront of
bringing these innovative services to the
American people It is very easy to envision new services such
as personalized flu outbreak warnings
for expectant mothers and real-time traffic advisories performed
by Federal and local governments
Cloud computing will enable a fundamental shift in how we
serve the American people Citizens empow-
ered to see their homes’ electricity use in real-time will be able
to make more intelligent consumption
choices Citizens able to access their health records
electronically will be able to easily share them with
doctors and providers, and thus improve their healthcare
Citizens able to create and share performance
dashboards will be able to shine a light on the government’s
performance as easily as they create and
share YouTube videos today
60. Our responsibility in government is to achieve the significant
cost, agility and innovation benefits of
cloud computing as quickly as possible The strategy and
actions described in this paper are the means
for us to get started immediately Given that each agency has
unique mission needs, security require-
ments, and IT landscape, we ask that each agency think through
the attached strategy as a next step
Each agency will evaluate its technology sourcing strategy so
that cloud computing options are fully
considered, consistent with the Cloud First policy
19 Gantz, John The Diverse and Exploding Digital Universe:
An Updated Forecast on Worldwide Information Growth
through 2011 March 2008
35★ ★
AppENdIX 1: pOTENTIAL
SpENdINg ON CLOUd
COMpUTINg BY AgENCY
Source: Agency estimates reported to the Office of Management
and Budget (OMB).
61. 37★ ★
AppENdIX 2: AgENCY RESOURCES
FOR CLOUd COMpUTINg
General
• The ABCs of Cloud Computing: A comprehensive cloud
computing portal where agencies
can get information on procurement, security, best practices,
case studies and technical
resources (GSA / http://www info apps gov)
• Cloud Computing Migration Framework: A series of technical
white papers on cloud
computing, including a decision-making framework,
cost/business case considerations,
service level agreement provisions, information security, a PaaS
analysis and a survey of
market segments and cloud products categories (MITRE /
http://www mitre
org/work/info_tech/cloud_computing/technical_papers/index
html)
• Successful Case Studies: A report which details 30
illustrative cloud computing case studies
at the Federal, state and local government levels (CIO Council
/
http://www info apps
gov/sites/default/files/StateOfCloudComputingReport-
FINALv3_508 pdf )
• Cloud Computing Definition: Includes essential
characteristics as well as service and
deployment models (NIST /
62. http://csrc nist gov/publications/drafts/800-145/Draft-SP-800-
145_cloud-definition pdf )
Security
• Centralized Cloud Computing Assessment and Authorization:
The Federal Risk and
Authorization Management Program (FedRAMP) has been
established to provide a standard,
centralized approach to assessing and authorizing cloud
computing services and products
FedRAMP will permit joint authorizations and continuous
security monitoring services for
government and commercial cloud computing systems intended
for multi-agency use It will
enable the government to buy a cloud solution once, but use it
many times (CIO Council /
http://www fedramp gov)
• Primer on Cloud Computing Security: A white paper that
seeks to clarify the
variations of cloud services and examine the current and near-
term poten-
tial for Federal cloud computing from a cybersecurity
perspective (DHS /
http://www info apps
gov/sites/default/files/Cloud_Computing_Security_Perspective
doc)
• Privacy Recommendations for Cloud Computing: A paper
which highlights potential
privacy risks agencies should consider as they migrate to cloud
computing (CIO Council /
http://www cio gov/Documents/Privacy-Recommendations-
Cloud-Computing-8-19-2010 docx)
64. • Cloud Computing Procurement Assistance: Apps gov is an
online cloud computing (SaaS,
IaaS, PaaS) storefront that encourages and enable the adoption
of cloud computing solutions
across the Federal Government Apps gov offers a
comprehensive set of business, infrastruc-
ture, productivity and social media applications It eliminates
unnecessary research, analysis
and redundant approvals, requisitions and service level
agreements across the government
by providing agencies a fast, easy way to buy the tools they
need (GSA / https://apps gov/ )
Standards
• Federal Cloud Computing Collaboration Page: The National
Institute of Standards
and Technology (NIST) has been designated by the Federal CIO
to accelerate the Federal
Government’s secure adoption of cloud computing by leading
efforts to develop standards
and guidelines in close consultation and collaboration with
standards bodies, the private
sector, and other stakeholders This site provides an avenue for
interested stakeholders to
collaborate with NIST in developing interoperability, portability
and security standards, busi-
ness and technical use cases, and a cloud computing reference
architecture and taxonomy
(http://collaborate nist gov/twiki-cloud-
computing/bin/view/CloudComputing/WebHome)
Technical Resources
• CIO Council Executive Cloud Computing Executive Steering
65. Committee (CCESC): The
CCESC was established by the Federal CIO Council to provide
strategic direction and over-
sight for the Federal Cloud Computing Initiative Under the
CCESC, there exists a Cloud
Computing Advisory Council and multiple working groups that
further enable the adoption
of cloud computing across the government (Chaired by
USAID)
− CIO Council Cloud Computing Advisory Council (CCAC):
The CCAC was established at the
behest of the CCESC to serve as a collaborative environment for
senior IT experts from
across the Federal Government CCAC members serve as
agency resources best practices
dissemination, consensus building for key Federal Cloud
Computing initiatives, and the
sharing of existing/planned cloud computing projects (Chaired
by USAID)
http://csrc.nist.gov/publications/nistpubs/800-37-rev1/sp800-37-
rev1-final.pdf
http://csrc.nist.gov/publications/drafts/800-144/Draft-SP-800-
144_cloud-computing.pdf
Apps.gov
Apps.gov
https://apps.gov
http://collaborate.nist.gov/twiki-cloud-
computing/bin/view/CloudComputing/WebHome
A p p E N d I X 2 : A g E N C Y R E S O U R C E S F O R
C L O U d C O M p U T I N g
39★ ★
66. − CIO Council Cloud Computing E-mail Working Group: The
E-mail Working Group will be
the source of SaaS email information, solutions, and processes
that foster adoption of SaaS
email across the Federal Government (Chaired by DOI)
− CIO Council Cloud Computing Security Working Group:
The Security Working Group sup-
ports FedRAMP, a centralized cloud computing assessment and
authorization body that
can be leveraged by multiple agencies (Chaired by GSA)
− CIO Council Cloud Computing Standards Working Group:
The Standards Working Group
will lead government-wide efforts to define cloud computing
security, portability and
interoperability standards, target Federal business and technical
use cases, and a reference
architecture (Chaired by NIST)
Additional workgroups will be stood up by the CIO Council as
the work of the Federal Cloud Computing
Initiative evolves
F E B R U A R Y 8 , 2 0 1 1
Vivek Kundra
U.S. Chief Information Officer
F E D E R A L C L O U D
C O M P U T I N G S T R AT E G Y
67. i★ ★
TABLE OF CONTENTS
Executive Summary
1
I Unleashing the Power of Cloud
5
1 Defining cloud computing
5
2 Cloud is a fundamental shift in IT
6
3 Cloud computing can significantly improve public sector IT
6
II Decision Framework for Cloud Migration
11
1 Selecting services to move to the cloud
11
2 Provisioning cloud services effectively
15
3 Managing services rather than assets
16
68. III Case Examples to Illustrate Framework
19
1 Tailoring solution to protect security and maximize value
19
2 Provisioning to ensure competitiveness and capture value
20
3 Re-defining IT from an asset to a service
22
IV Catalyzing Cloud Adoption
25
1 Leveraging cloud computing accelerators
25
2 Ensuring a secure, trustworthy environment
26
3 Streamlining procurement processes
28
4 Establishing cloud computing standards
29
5 Recognizing the international dimensions of cloud computing
30
6 Laying a solid governance foundation
31
V Conclusion
33
69. Appendix 1: Potential Spending on Cloud Computing By
Agency 35
Appendix 2: Agency Resources for Cloud Computing
37
1★ ★
EXECUTIVE SUMMARY
The Federal Government’s current Information Technology (IT)
environment is characterized by low
asset utilization, a fragmented demand for resources,
duplicative systems, environments which are dif-
ficult to manage, and long procurement lead times These
inefficiencies negatively impact the Federal
Government’s ability to serve the American public
Cloud computing has the potential to play a major part in
addressing these inefficiencies and improving
government service delivery The cloud computing model can
significantly help agencies grappling with
the need to provide highly reliable, innovative services quickly
despite resource constraints
Commercial service providers are expanding their available
cloud offerings to include the entire tradi-
tional IT stack of hardware and software infrastructure,
middleware platforms, application system com-
ponents, software services, and turnkey applications The
private sector has taken advantage of these
technologies to improve resource utilization, increase service
responsiveness, and accrue meaningful
70. benefits in efficiency, agility, and innovation Similarly, for the
Federal Government, cloud computing
holds tremendous potential to deliver public value by increasing
operational efficiency and responding
faster to constituent needs
An estimated $20 billion of the Federal Government’s $80
billion in IT spending is a potential target for
migration to cloud computing solutions (Appendix 1) 1
Figure 1: Estimated portion of Federal IT spend able to move to
the cloud
1 Based on agency estimates as reported to the Office of
Management and Budget (OMB)
F E d E R A L C L O U d C O M p U T I N g S T R AT E g Y
2★ ★
To harness the benefits of cloud computing, we have instituted a
Cloud First policy This policy is intended
to accelerate the pace at which the government will realize the
value of cloud computing by requiring
agencies to evaluate safe, secure cloud computing options
before making any new investments
By leveraging shared infrastructure and economies of scale,
cloud computing presents a compelling
business model for Federal leadership Organizations will be
able to measure and pay for only the IT
resources they consume, increase or decrease their usage to
71. match requirements and budget con-
straints, and leverage the shared underlying capacity of IT
resources via a network Resources needed
to support mission critical capabilities can be provisioned more
rapidly and with minimal overhead and
routine provider interaction
Cloud computing can be implemented using a variety of
deployment models – private, community,
public, or a hybrid combination
Cloud computing offers the government an opportunity to be
more efficient, agile, and innovative
through more effective use of IT investments, and by applying
innovations developed in the private
sector If an agency wants to launch a new innovative program,
it can quickly do so by leveraging cloud
infrastructure without having to acquire significant hardware,
lowering both time and cost barriers to
deployment
This Federal Cloud Computing Strategy is designed to:
• Articulate the benefits, considerations, and trade-offs of
cloud computing
• Provide a decision framework and case examples to support
agencies in migrating towards
cloud computing
• Highlight cloud computing implementation resources
• Identify Federal Government activities and roles and
responsibilities for catalyzing cloud
adoption
72. Following the publication of this strategy, each agency will re-
evaluate its technology sourcing strategy
to include consideration and application of cloud computing
solutions as part of the budget process
Consistent with the Cloud First policy, agencies will modify
their IT portfolios to fully take advantage
of the benefits of cloud computing in order to maximize
capacity utilization, improve IT flexibility and
responsiveness, and minimize cost
E X E C U T I V E S U M M A R Y
3★ ★
Figure 2: Cloud benefits: Efficiency, Agility, Innovation
EFFICIENCY
Cloud Benefits Current Environment
• Improved asset utilization (server utilization >
60-70%)
• Aggregated demand and accelerated system con-
solidation (e g , Federal Data Center Consolidation
Initiative)
• Improved productivity in application develop-
ment, application management, network, and
end-user
• Low asset utilization (server utilization < 30%
typical)
• Fragmented demand and duplicative systems
73. • Difficult-to-manage systems
AGILITY
Cloud Benefits Current Environment
• Purchase “as-a-service” from trusted cloud
providers
• Near-instantaneous increases and reductions in
capacity
• More responsive to urgent agency needs
• Years required to build data centers for new
services
• Months required to increase capacity of existing
services
INNOVATION
Cloud Benefits Current Environment
• Shift focus from asset ownership to service
management
• Tap into private sector innovation
• Encourages entrepreneurial culture
• Better linked to emerging technologies (e g ,
devices)
• Burdened by asset management
• De-coupled from private sector innovation
74. engines
• Risk-adverse culture
5★ ★
I. UNLEASHINg THE
pOWER OF CLOUd
Cloud computing describes a broad movement to treat IT
services as a commodity with the ability to
dynamically increase or decrease capacity to match usage needs
By leveraging shared infrastructure
and economies of scale, cloud computing presents Federal
leadership with a compelling business
model It allows users to control the computing services they
access, while sharing the investment in
the underlying IT resources among consumers When the
computing resources are provided by another
organization over a wide-area network, cloud computing is
similar to an electric power utility The pro-
viders benefit from economies of scale, which in turn enables
them to lower individual usage costs and
centralize infrastructure costs Users pay for what they
consume, can increase or decrease their usage,
and leverage the shared underlying resources With a cloud
computing approach, a cloud customer can
spend less time managing complex IT resources and more time
investing in core mission work
1. Defining cloud computing
Cloud computing is defined by the National Institute of
75. Standards and Technology (NIST)2 as “a model for
enabling convenient, on-demand network access to a shared
pool of configurable computing resources
(e g , networks, servers, storage, applications, and services) that
can be rapidly provisioned and released
with minimal management effort or service provider interaction
”3 NIST has identified five essential
characteristics of cloud computing: on-demand service, broad
network access, resource pooling, rapid
elasticity, and measured service 4
Cloud computing is defined to have several deployment models,
each of which provides distinct
trade-offs for agencies which are migrating applications to a
cloud environment NIST defines the cloud
deployment models as follows:
• Private cloud. The cloud infrastructure is operated solely for
an organization It may be managed
by the organization or a third party and may exist on premise or
off premise
• Community cloud. The cloud infrastructure is shared by
several organizations and supports a
specific community that has shared concerns (e g , mission,
security requirements, policy, and
compliance considerations) It may be managed by the
organizations or a third party and may
exist on premise or off premise
• Public cloud. The cloud infrastructure is made available to
the general public or a large industry
group and is owned by an organization selling cloud services
• Hybrid cloud The cloud infrastructure is a composition of
two or more clouds (private, com-
76. munity, or public) that remain unique entities but are bound
together by standardized or
proprietary technology that enables data and application
portability (e g , cloud bursting for
load-balancing between clouds)
2 http://csrc nist gov/groups/SNS/cloud-computing/cloud-def-
v15 doc
3 http://csrc nist gov/groups/SNS/cloud-computing/cloud-def-
v15 doc
4 http://csrc nist gov/groups/SNS/cloud-computing/cloud-def-
v15 doc
http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-def-
v15.doc
http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-def-
v15.doc
http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-def-
v15.doc
F E d E R A L C L O U d C O M p U T I N g S T R AT E g Y
6★ ★
Cloud computing can also categorized into service models
These are defined by NIST to be:
• Cloud Software as a Service (SaaS). The capability provided
to the consumer is to use the pro-
vider’s applications running on a cloud infrastructure The
applications are accessible from
various client devices through a thin client interface such as a
web browser (e g , web-based
email) The consumer does not manage or control the underlying
cloud infrastructure including
77. network, servers, operating systems, storage, or even individual
application capabilities, with
the possible exception of limited user-specific application
configuration settings
• Cloud Platform as a Service (PaaS) The capability provided
to the consumer is the ability to
deploy onto the cloud infrastructure consumer-created or
acquired applications created using
programming languages and tools supported by the provider
The consumer does not manage
or control the underlying cloud infrastructure including
network, servers, operating systems,
or storage, but has control over the deployed applications and
possibly application hosting
environment configurations
• Cloud Infrastructure as a Service (IaaS). The capability
provided to the consumer is to provision
processing, storage, networks, and other fundamental computing
resources where the con-
sumer is able to deploy and run arbitrary software, which can
include operating systems and
applications The consumer does not manage or control the
underlying cloud infrastructure
but has control over operating systems, storage, deployed
applications, and possibly limited
control of select networking components (e g , host firewalls)
2. Cloud is a fundamental shift in IT
Cloud computing enables IT systems to be scalable and elastic
End users do not need to determine
their exact computing resource requirements upfront Instead,
they provision computing resources as
required, on-demand Using cloud computing services, a Federal
agency does not need to own data
78. center infrastructure to launch a capability that serves millions
of users
3. Cloud computing can significantly improve public sector IT
A number of government agencies are adopting cloud
technologies and are realizing considerable
benefits For instance, NASA Nebula,5 through a community
cloud, gives researchers access to IT services
relatively inexpensively in minutes Prior to adopting this
approach, it would take researchers months
to procure and configure comparable IT resources and
significant
5 http://nebula nasa gov/services/
http://nebula nasa gov/blog/
http://nebula.nasa.gov/services
http://nebula.nasa.gov/blog
I . U N L E A S H I N g T H E p O W E R O F C L O U d
7★ ★
management oversight to monitor and upgrade systems
Applying cloud technologies across the entire
Federal Government can yield tremendous benefits in
efficiency, agility, and innovation These benefits
are described below
Efficiency improvements will shift resources towards higher-
value activities
In FY2010, approximately thirty cents of every dollar invested
in Federal IT was spent on data center infra-
structure 6 Unfortunately, only a fraction of this investment
79. delivers real, measurable impact for American
citizens By using the cloud computing model for IT services,
we will be able to reduce our data center
infrastructure expenditure by approximately 30%7 (which
contributes to the estimated $20 billion of IT
spending that could be migrated to cloud computing solutions)
Similar efficiency improvements will
be seen in software applications and end-user support These
savings can be used to increase capacity
or be re invested in agency missions, including citizen-facing
services and inventing and deploying new
innovations Cloud computing can allow IT organizations to
simplify, as they no longer have to maintain
complex, heterogeneous technology environments Focus will
shift from the technology itself to the
core competencies and mission of the agency
Assets will be better utilized
Across the public and private sectors, data center infrastructure
investments are not utilized to their
fullest potential For example, according to a recent survey,
many agencies are not fully utilizing their
available storage capacity and are utilizing less than 30% of
their available server capacity 8 Low utiliza-
tion is not necessarily a consequence of poor management, but,
instead, a result of the need to ensure
that there is reserve capacity to meet periodic or unexpected
demand for key functions
With cloud computing, IT infrastructure resources are pooled
and shared across large numbers of
applications and organizations Cloud computing can
complement data center consolidation efforts
by shifting workloads and applications to infrastructures owned
and operated by third parties Capacity
can be provisioned to address the peak demand across a group
80. of applications, rather than for a single
application When demand is aggregated in this fashion and
properly managed, the peaks and troughs
of demand smooth out, providing a more consistent and
manageable demand profile
As utilization is improved, more value is derived from the
existing assets, reducing the need to continu-
ously increase capacity Fewer machines mean less spending on
hardware, software, and operations
maintenance, real estate, and power consumption
Demand aggregation will reduce duplication
The shift to cloud computing can help to mitigate the
fragmented data, application, and infrastructure
silo issues associated with federated organizational and funding
models by focusing on IT services as
a utility IT services become candidates for more cost effective
procurement and management, similar
to the model currently used for buildings and utility services
6 President’s FY2011 Budget
7 Gartner IT Key Metrics Data 2009, Bloomberg, McKinsey
analysis
8 Agency Data Center Consolidation Plans submitted to OMB,
August 2010
F E d E R A L C L O U d C O M p U T I N g S T R AT E g Y
8★ ★
Cloud computing has the potential to provide a more
interoperable and portable environment for data
and systems With the appropriate standards, over time,