White House Outlines Move from ‘Cloud First’ to ‘Cloud Smart’


The administration wants comments on its plan for governmentwide cloud computing adoption.

The White House released a draft of its cloud computing strategy for public comment Monday entitled “Cloud Smart,” which will refocus the federal government’s adoption efforts.

The new strategy will update the Obama administration’s “Cloud First” policy, established in 2010, to better reflect where agencies and the technology are today.

Seven years ago “was a time when cloud computing was still new,” Federal Chief Information Officer Suzette Kent said during a roundtable with reporters Monday. “Many agencies were early in their journey in adopting those technologies and we’ve learned a substantial amount within the federal government, as well as the capabilities in the industry, which have significantly advanced.”

Today, agencies have a much better, hands-on understanding of cloud, including its benefits and challenges, Kent said.

The policy looks to build on Cloud First by “ensuring the technology fits the mission that you’re trying to serve,” she said. While the 2010 policy asserted the potential benefits of cloud, Cloud Smart will stress mission outcomes.

The strategy document offers application migration as an example.

“Moving an application from a traditional data center to a virtualized infrastructure vendor generally does not enable automatic application scalability with increased user demand,” the document states. Cloud Smart attempts to focus on how that application is used to meet the mission and what it will take to truly modernize it. For example, rather than just sticking an old app in a new environment, agencies should think about what training will be needed to ensure their workforce can continue to manage and iterate in that new environment.

Moreover, the Cloud Smart policy establishes workforce, procurement and security as the main pillars of the strategy, three areas the administration often links together when talking about IT modernization.

“Historically, policies have isolated these areas, creating confusion and a misunderstanding of requirements, mission and needs,” the strategy states. “However, they are deeply linked, and require an integrated, interdisciplinary approach, rather than a one-size-fits-all approach to IT modernization.”

Tony Scott, the last person to serve as federal CIO during the Obama administration, said he would have liked to see more emphasis on the use of commercial-off-the-shelf solutions that don’t require significant customization to work in an agency setting.

“Part of the cloud journey—including being smart about it—is to leverage work already done by others, and unfortunately, procuring custom software—even if it meets the other criteria of scalability and security—should be a last choice, not the default first choice, which is still too often the case,” he told Nextgov. “Failure to address this forcefully will result in the government making the same mistakes it has always made, only in the cloud this time.”

Overall, Scott lauded the direction of the Cloud Smart policy, “particularly the emphasis on workforce and procurement challenges and opportunities. These are often the bigger barrier to modernization than are technical issues.”

The document is posted on the Federal Register and open for public comment until Oct. 24.

Before the year is out, OMB plans to update a host of policy documents around IT, including managing data centers, high-value assets and the Trusted Internet Connection initiative, which offers guidance on establishing and finding secure network connections. The office also plans to issue new guidance for reporting cybersecurity incidents under the Federal Information Security Management Act, or FISMA, next month.