Cloudy Days are Here to Stay

Cloud services have allowed federal agencies to meet the demands of quickly scaling digital government initiatives while maintaining a high level of security. It's also been a huge money-saver. The government has yielded $4.7 billion in savings by closing data centers and relying more and more on cloud. The federal government spent a total of $12.3 billion in FY22 on cloud goods and services, a 30 percent increase from the previous year.

To ensure agencies continue to see savings amidst increased spending, there are several initiatives in place to modernize how government procures and pays for cloud services.

FedRAMP as Law

The Federal Risk and Authorization Management Program (FedRAMP) was codified into law as part of the 2023 National Defense Authorization Act (NDAA). Becoming law does not mean it will be stagnant. The NDAA listed several improvements to the program including:

• Encouraging reuse of security assessments to establish a "presumption of adequacy" for cloud technologies that have received FedRAMP certification
• Facilitating the use of cloud technologies that have already received an authorization-to-operate (ATO) by requiring agencies to reuse any existing security assessment before conducting their own
• Establishing a Federal Secure Cloud Advisory Committee to ensure dialogue among General Services Administration (GSA), agency cybersecurity and procurement officials, and industry for effective and ongoing coordination in acquisition and adoption of cloud products by the Federal Government

GSA is taking their role in cloud enablement to heart with an examination of procurement best practices.

Buying the Cloud

This summer, GSA began a formal evaluation of how it can adopt private sector payment practices for federal agencies buying cloud services. Currently, federal agencies typically pay for SaaS offerings in monthly arrears as opposed to an annual fee that is widely used by commercial companies. The monthly payment structure stems from a 200-year-old law designed to protect the government from paying for goods and services they may never receive. Cloud licenses are categorized as a service and, as such, must be paid monthly. This monthly payment tends to drive up costs for cloud by 10-20%. Over the next year, there will likely be new guidance from GSA as to how cloud services can be billed within the confines of federal procurement structures.

Looking Ahead to Multi-Cloud

With the explosion of cloud use, most agencies are operating in a multi-cloud environment. The complexity of these systems has the potential to impact the efficiency of cloud. The Multi-Cloud Innovation and Advancement Act aims to task GSA, National Institute of Standards and Technology, Cybersecurity and Infrastructure Security Agency and the U.S. Digital Service to jointly craft guidance to show how agencies can deploy "multi-cloud software technology to allow for applications, data and programs to be portable and interoperable between public, private, and edge cloud environments." This interoperability is needed to ensure that cloud solutions continue to move the government's digital services and goals forward.

GovEvents and GovWhitePapers feature a wide variety of guidance and insight on cloud use in government.

• KubeCon | CloudNativeCon 2023 (November 6-9, 2023; Chicago, IL) - This conference gathers adopters and technologists from leading open source and cloud native communities to further the education and advancement of cloud native computing.
• 2023 Technology & Transformation Summit (November 16, 2023; Washington, DC and virtual) - Government leaders and industry experts discuss the transformation of mission delivery through IT innovation, personnel, security, and cloud technology.
• Managing a Multi-Cloud Environment (November 30, 2023; virtual) - This workshop will share examples of successful multi-cloud deployments and associated lessons learned to include tips for securing multi-cloud environments, multi-cloud strategy and implementation best practices, understanding common risks, and more.
• 2023 Survey Event | Multicloud: Navigating the Complexities of Multiple Clouds (December 6, 2023; webcast) - This study takes a fresh look at multi-cloud adoption trends in the face of a looming recession, tech layoffs, and the excitement about the advancements of artificial technologies.
• Cloud Native vs. Cloud Smart: Cloud Success Reimagined (white paper) - Learn what government experts shared about the strategies, challenges, and successes they have had with cloud migration.
• Successfully Adopting a Multicloud Operating Model in Public Sector (white paper) - This document intends to close the gap in understanding multicloud and multicloud operating models.

Check out GovEvents and GovWhitePapers for additional events and resources to inform cloud usage in government.