Microsoft plugs cloud to feds

Microsoft officials are touting the company's new cloud-based Office 365 as a good choice for federal customers because of its tiered subscription structure and secure management.

Office 365, unveiled at an event Tuesday in New York, is an updated version of the software giant's Business Productivity Online Standard Suite and includes improved, Web-based versions of its word processing, collaboration, PowerPoint, email, calendar and instant messaging products.

BPOS received the coveted Federal Information Security Management Act certification from the Agriculture Department in April, after which the agency agreed to migrate about 120,000 employees to the cloud-based suite.

The Office 365 package Microsoft is offering to federal users includes isolated cloud storage space managed only by U.S. citizens with government security clearances, Susie Adams, chief technology officer of Microsoft's federal division, said Thursday.

The new suite also should appeal to federal customers because of its tiered pricing model, which runs from $2 to$27 per user per month, Adams said. That will allow agencies to pay a reduced fee for interns and other employees who need access only to a handful of services.

One benefit of being located in the cloud is that providers can upgrade services on a regular basis without having to sell customers new hardware, Adams said. Microsoft plans to roll out upgrades to the cloud-based service every three to six months, she said, but will allow customers to control when the upgrades takes effect so they don't disrupt operations.

Computer clouds essentially are large banks of off-site computer servers that can operate much closer to full capacity than standard servers by rapidly repacking data as one customer surges in usage and another one dips. Cloud customers pay for data storage based on use, as with electricity or another utility, rather than with a set fee.

Federal agencies have historically been hesitant to move their services to the cloud because of security concerns over housing their data off-site.

Adams said she's seen that discomfort ebb in recent years, especially since federal Chief Information Officer Vivek Kundra announced a plan to move roughly one-quarter of the government's information technology budget to the cloud in the next five years.

"People just need to stop and look and make sure you're comfortable that your data and its sensitivity level matches your cloud provider," Adams said. "There are always going to be security concerns. That's not going to go away. The cloud isn't necessarily more secure or less secure, it's just who has the responsibility [for ensuring its security,] changes [from the agency to the cloud provider]."

Adams speculated agencies will become more comfortable with cloud storage once the government stands up its FedRAMP process, a planned governmentwide certification of private sector IT that will allow it to be adopted by any agency.

The program ran into criticism when it was unveiled in November 2010, because technology companies complained the one-size-fits-all model didn't jibe with the diversity of programs in the federal government. The Obama administration has said it will consider relaxing the requirements and expects to get the program up and running this summer or fall.

Right now, Adams said, many security protocols and security-related operation tweaks have to be worked out on a case-by-case basis between a vendor and a federal agency.

"That's one of the most difficult things for us," she said. "It's time-consuming and very expensive on our end. If you look at the cloud, it's all about economies of scale and when you work with customers on that level of detail on a one-off basis, the whole economies of scale break down. You can't offer each customer a different cloud. That's not really cloud, it's just outsourcing."

This story has been corrected to reflect the fact that the Agriculture Department, not GSA, granted BPOS Federal Information Security Management Act certification.