In moving to the cloud, software licensing proves a stumbling block

Kelly Martin/Nextgov

There are distinct hurdles on the path to cloud computing: adoption of new technology and migration from existing platforms, for example. One element, though, seems to be straightforward enough--licensing. Federal agencies used to buy; now they're going to rent. How hard is that?

"It looks like it should be easier," says Mark Day, chief technology officer at the Housing and Urban Development Department. "But we haven't tested it yet. We haven't proved it to be easier." In fact, federal executives have serious concerns about cloud licensing, despite President Obama's initiative urging agencies to adopt Internet-based technology services. The cloud model provides computing on demand, which is billed as needed, rather than purchased as a packaged product. That's a dramatic shift from traditional licensing and it requires a new way of thinking.

"There is going to be a cultural change," Day says. "We need to discover best practices around this. There will have to be some lessons learned as a community." The change begins with the fiscal implications of pay-as-you-go licensing, says Darren B. Ash, chief information officer at the Nuclear Regulatory Commission. If agencies can't allot a single lump sum for software, then "you've got to have a strong model to be able to estimate how much you need to budget," he says.

That estimate should factor in predicted usage, not just next month but years down the road, as well as short-term spikes in demand.

Cloud licenses also must include new metrics for success. In traditional licensing, the service level agreement mattered: There had to be a clause covering performance. Now performance is the product and service is nine-tenths of the game, so that agreement requires a whole new level of care and feeding.

At Microsoft Corp., Jim Miller, director of the public sector business desk, says the company's federal clients are paying close attention to this issue. "What differentiates the cloud is the uptime, the archiving, the data at rest, the cross state boundary considerations," he says. "[Agencies] are going through the SLAs with a fine-toothed comb. They have many sets of eyes on them making sure they are asking the right questions."

But fine-tuning service level agreements assumes agencies know how to draw up a cloud license. That might be tricky for a number of reasons, according to Daryl Plummer, a managing vice president and chief fellow at the research firm Gartner Inc.

No. 1: Can you buy it? "A lot of the companies the government is working with are on the purchasing schedules for 'products' but not for 'services,' " Plummer says. "So, do I just go and buy this service, calling it a product? Or do I have to buy it as a service? And if it is a service, how does that change what I can or cannot do" in the license?"

No. 2: How do you buy it? If agencies are paying for a service, rather than a product, "it means you can't buy it out of your capital budget," Plummer says. "You've got to buy it out of your operating budget. But how do you depreciate that? How do you amortize that? Is it something that changes your books, something that changes how you report the numbers?"

Then there is the multiplicity of

license models in play as agencies migrate from traditional to cloud computing. With multiple formats running simultaneously, multiple charges become a possibility. A traditional license might have set certain payments already, while an overlapping cloud license simultaneously charges for the same software, even from the same vendor.

"You have to pay for the same product twice, based simply on how you are using it," says Bruce Hart, chief operating officer of Miami-based cloud infrastructure provider Terremark Federal, which serves about 50 agencies.

To dodge that bullet, Hart recommends aiming for critical mass. Federal executives should think about licensing cloud products not on the departmental level, but at the agency level. With agency-scale buying power, "they can be demanding a different approach from those service providers," he notes. "They ought to be allowed to have a license that applies both to their physical stuff and their virtual stuff."

NRC's Ash says the licensing issues that keep him up at night have to do with data ownership. A cloud service provider will have its hands all over a customer's data. That's part of the win, after all: the vendor's ability to manage not just the software but also the data driving an application's use.

Should the vendor and customer part ways, however, a sloppy license might leave critical data behind in the cloud, Ash says, "and I don't want to put us in that situation."

Adam Stone, a freelance journalist based in Annapolis, Md., writes about federal

management issues, technology and a broad range of business topics.