Cloud Sandbox? The time is now

Posted by: Carter Raines on: March 3, 2009

• In: Uncategorized
• Comment!

Two years ago, while serving at GSA as the Product Manager for USA.gov Technologies, I was asked along with others to come up with “Big Ideas for 2013″.  I put together the following whitepaper with a concept for a Government Cloud Sandbox.  The primary idea was to elminate barriers to entry for government technologists into new areas like Could Computing, SaaS, & platform computing.  Too often, the opportunity to leverage a cost saving technology in government is squelched by the seemingly endless set of security, 508 compliancy and contracting hurdles.  While each of these technologies can meet the Feds requirements, the process repeats itself everytime someone at an agency at any level trys to get started with a new technology.

On the other hand, companies that promote this technology do not see a value proposition in trying to work with Government.  When your are trying to sell your product to a small government group, lets say1000 people (not small is it?), its not worth it to a product company to adjust their product to meet Government regulations.  A product that costs 20k soon becomes a 500k project. 

So what happens? IT shops go the traditional route and build it, add contractors, and manage it, costing millions for something that a commercial company would only pay thousands for.

So where are we now?  This article is not a shot at GSA.  In fact, they have grown by leaps in bounds.  Their move to Terramark, a virtual/cloud host was one of the best moves I’ve seen in Government.  They continue to push free Cloud/SaaS products like Youtube, Facebook and others to adjust their user & legal agreements to allow Government to leverage them.  They’ve moved their USASearch product to a cheaper, more agile host, using Bing.  The point of the article is to say, they’re ready.

We don’t need to wait till 2013.  The Feds are ready to work with vendors to create a cloud computing sandbox, that will allow the little guys in government IT to show what they’re made of and create great applications, using the best in Cloud/SaaS technology, and show their organziations what can be done without having to navigate their own internal processes. 

The original idea:

Create a Cloud Computing Sandbox, and related Cloud Computing BPA.

Description of Goal:

Cloud Computing and Software as a Service (CC/SaaS) is a hot topic on the minds of government IT executives due to its potential for a high ROI, rapid development timeframes and minimal infrastructure cost. However those same executives are afraid to make the initial investment to enter into the CC/SaaS space, and are hesitant to shift from a conventional environment to a cloud based infrastructure. While there is resistance from government IT executives to invest in CC/SaaS applications, low to senior technical employees are embracing the technology, following their peers in private industry. The issue lies in the fact that these employees do not have enough influence or resources to start in the space. For those who push forward, they are left re-creating the wheel when it comes to major requirements like 508 compliance and Security Certification and Accreditation (C&A). On the other side of the equation, CC/SaaS companies are having much of the same issue. Since the commercial sector is far ahead of the government in embracing the CC/SaaS platform, the focus of CC/SaaS companies is not in the government sector. When an RFP is released for bid, CC/SaaS companies lack experience or staff to reply properly to a government RFP, if they reply at all. Or, the company cannot see the value in updating their product to align with government requirements. This creates an especially dangerous dynamic where companies are not incorporating accessibility compliance into their development roadmap, increasing the gap between the capabilities in commercial and government sectors. A frequent example is the heavy use of Ajax in commercial UI’s, and its lack of 508 compliance. While this gap cannot be solved with this “Big Idea,” this can be an effort by USA.gov to bring the two communities together, and to influence the industry through numbers. By creating a “Cloud Computing Sandbox” and a related BPA, we have an opportunity to lead, enabling government agencies to easily collaborate, develop, and purchase CC/SaaS based applications. We can’t afford to ignore this issue, or we may someday be left with “government technology” and “commercial technology.”

 Actions to Achieve Goal:

1. Use USA.gov’s leverage to seek a low or no cost partnership with cloud providers. The partnership would open up their development API’s to government “affiliates”, allowing them to create CC/SaaS applications without the advertisements that are currently included in free versions of their products. Create a usage ceiling, where if the application reached a touchpoint threshold, the affiliate’s organization would be required to purchase the tools off of the “USA.gov Cloud Computing BPA” to continue.

2. Leveraging the Webcontent.gov and USASearch Affiliate communities, build a community around the free tools, encouraging the developers and IT professionals from across the government to collaborate on research, innovation, government security and accessibility requirements.

3. Create a CC/SaaS BPA and award to 25 CC/SaaS companies with provisions for security and section 508 accessability (VPAT), streamlining the purchase of these technologies.

How Do We Measure Success:

1. Recognition as a government leader in technology best practice and education would continue to increase.
2. # of affiliates added to the community
3. # of applications created
4. # of touchpoints from the applications, (until they are funded by the organization themselves via the BPA)

Who’s in the cloud?
Google, Zoho, Amazon, Booze Allen, Yahoo, Microsoft, Salesforce