Opinion: A big virtual tick for Canberra's cloud plan

By Brett Winterford on Jan 10, 2011 4:31 PM
Filed under Strategy

Finance to maintain cloud control whilst embracing the model's benefits.

OPINION - The Department of Finance has released a sound strategy document for adoption of cloud computing by Government agencies, which balances out the need to pursue the cost-savings the cloud can deliver against the risks its adoption poses.

The draft plan [PDF] released late Friday acknowledges the inevitability of a transition to the cloud computing model for many applications, whilst maintaining many of the same central controls that govern the Federal Government’s approach to traditional technology outsourcing.

The draft strategy – which I summarised briefly this morning - will see the Government produce governance frameworks for agency adoption, a certification process for approved cloud computing vendors, and finally a whole-of-Government procurement panel and service catalogue.

Most of this work is expected to be complete before the end of this year.

By internet industry standards the timetable isn’t overly aggressive. But by government standards, it is thoroughly appropriate - if not aggressive.

I would argue that on such a timetable, the Federal Government will (for once) not find itself dragging behind the technology adoption of Australia’s largest private sector organisations – but rather assert itself into the rare position of moving in parallel with them.

In fact, the Government’s strategic direction paper should give many CIOs in the private sector some confidence in building their own case for cloud computing adoption. And ideally it might convince local IT companies and telcos to consider building out some computing scale on Australian soil.

The document’s authors appear well-versed in the realities of today’s enterprise computing environment. The draft strategy paper identifies the core benefits of cloud computing and also isn’t overly alarmist when it comes to the risks.

The paper also avoids the cloud-washing definitions used commonly within industry (and embraced by analyst groups wishing to please a multitude of vendors) – sticking instead with a long-held and respected set of definitions conceived by NIST.

The authors recognise that cloud computing is “a new ICT sourcing and delivery model, not a new technology” – and that subsequently the challenges ahead are more likely to be contractual rather than technical.

The document notes, for example, that “the legal/contractual, economic and security aspects of cloud computing are still relatively immature” but encourages agencies to nonetheless dip their toes in the water by migrating unclassified data and applications.

The list of risks for agencies to consider is comprehensive. The paper lists privacy and security risks, vendor lock-in, a reduced ability to customise applications, business continuity risks should internet services be unavailable, legal and technical difficulties around retrieval of information, the risk associated with sharing infrastructure with other unnamed customers, and the need to meet regulatory requirements both at home (such as Australia's Privacy Act) and abroad (such as The U.S. Patriot Act).

It also notes that there is little legal precedent with regards to liability issues in the cloud and that there is a lack of cloud computing options of considerable scale already available in Australia.

They are all very real barriers to adoption, but not impossible to overcome with the right governance framework.

The authors rightly note that there is a cost of inaction. Many business units within agencies are probably already consuming cloud computing services, outside the knowledge of their IT department and wider governance mechanisms. The Government cannot sit back and pretend cloud computing isn’t happening.

One concern

Whilst the document and the department’s wider strategy ought to be applauded, policy-makers will no doubt still face some critics within the cloud computing industry around the level of central control Finance wishes to impose on agency adoption.

There is also scant detail available as to how this cloud computing strategy fits with AGIMO's wider goals around data centre consolidation.

Specifically, I expect there will be concerns around whether the Government's controls can move quickly enough to endorse the latest cloud options as they spring up.

The barrier to market for new service providers – especially software developers using platform-as-a-service – is now incredibly low. New cloud services can be written by small, nimble teams in weeks – not months or years.

Canberra’s typical procurement panel processes have been proven to work well to drive down IT costs by using the scale of whole-of-Government buying for a better bargaining position with suppliers.

For cloud computing, such a process could be used to negotiate better terms and conditions in the contracts of service providers for all agencies. (Ideally such a process would be transparent so that it could also provide more favourable terms for private organisations too.)

But will such a process – which usually approves suppliers over multiple year periods - be inclusive of smaller cloud computing providers? And will it be revised regularly enough to keep up to speed with innovation?

That’s the main question I’ll be asking in formal responses to the draft strategy paper. What are yours?

Opinion: A big virtual tick for Canberra's cloud plan

11 comments in this discussion

"Thanks Peter we will follow that up."

By Louis Leahy

Tags

cloud computing, strategic direction paper, australian, government, finance, procurement, panel, certification, clic

Australian Government looks to certify cloud providers

US agency shifts from BlackBerry

SME suppliers rush on UK's G-Cloud

Husic eyes government software pricing

Breaking Stories

Telstra router causes major internet outage

NSW Attorney-General drawn into copyright suit

Optus seeks restraint on TV Now criticisms

Loose cable undermines CERN's faster-than-light claims

Microsoft files EU complaint over Google, Motorola

Comments: 11

Louis Leahy Jan 11, 2011 7:45 PM	If the treatment we received as a small business is anything to go by we would caution any small business in wasting time with the Department of Finance or any other Federal Government Departments for that matter. It took us nearly 8 months to be put in touch with a decision maker in the Department of Finance and then we were simply given the brush off without any explanation or proper consideration of our technology. Our specialisation is Authentication and we have designed a ground breaking technology that will significantly improve security outcomes on the web but The Prime Minister’s Office, Treasury, The ATO & Department of Finance AKA the Australian Government instead elected to go with outdated technology which in the configuration that has been implemented ultimately significantly reduces security on the networks of Government Departments that participate. This government cancelled the COMET program without an effective alternative. The Commercialisation Australia program is an ineffective quango for elitist academia. It appears the Government are ignorant of the federal legal provisions for procurement from small business and treat them in the same manner as large corporations that have significantly more resources and the illegality of this behaviour aside, this is to the great detriment of the development of IT industry in this country. A sector with one of the worst balance of trade deficits which is not unsurprising if the indifference we encountered from its biggest consumer using our hard earned tax dollars is anything to go by.
djzort Jan 11, 2011 10:16 PM	You seem to be under the illusion that features and quality sell software.
mango Jan 12, 2011 9:56 AM	They don't want to know you unless you have the $Billion balance sheet they believe you need so they can sue you. Interesting to note that with all the screw-ups over the years with $Billion suppliers - how many have actually been sued?
Psuedo Jan 13, 2011 6:07 PM	@Louis - talk about having a whinge... "My software was over looked by the government, better turn up my grudge". Don't have such a naive view of the world and IT in general. Strategy, budget, project pipeline, environment, politics... these are all important factors that need to be taken into account when making a decision on suppliers and software.
Ace Jan 17, 2011 11:45 AM	I hate to say it @Louis, but the commenters are right. You probably need to sell your product to one of the vendors with existing government contracts, not directly to the govt itself. The vendors are the ones responsible for recommending, supplying and supporting technology.
Maxxi2 Jan 17, 2011 4:15 PM	@Louis: Ace is correct, the Depts. have supplier contracts via their respective panels. The optional approach is to identify the technology entry persons at each Dept, and approach them with a compelling argument (compelling to them, not to you...)why they should take some time to see how you are going to resolve some issues or problems they have. Logically, you need to have identified the actual problems or challenges that they currently have, otherwise you are trying to sell an unknown food to a well-fed entity or an unknown painkiller to someone with no pain. They are also little interested in your moral positioning. COMET was used by one of my previous employers with great effectiveness, resulting in excellent development work and international expansion... Go to market, get yourself validated by some marquee accounts, then get your time with the Depts and demonstrate the great advances you have made for other significant entities. Otherwise you remain just another small developer with great ideas and little or no market validation. BTW: The NEVER touch those Louis...
Louis Leahy Jan 18, 2011 10:46 PM	djzort I presume your comment is in jest or maybe you’re a troll. I note from you previous comments that you agree with our position about single sign on so you can’t be all that bad. Maybe I am deluded time will tell. Mango I think your right and my point was that that is actually illegal under the procurement rules put in place by the Parliament. Psuedo just because we are a small business doesn’t mean we don’t know how to run a business, you seem to be labouring under the elitist misconception that small means inexperienced. There are plenty of examples of Government projects undertaken by large organisations that have gone pear shaped and cost the Australian Tax-payer far more than any undertaken by small business the reason for this is that it is much easier to hold small business to account as alluded to by Mango. Anyone who understands IT these days will know that many of the ideas are being protected by the originators and not handed carte blanche to those who fail to understand to screw up. Ace yes you are right and the advice is appreciated however we still maintain that this is in fact illegal under the Government procurement guidelines and because we are having to do that ultimately those distributors are more than likely to be foreign owned which was my main point which Psuedo thinks is a whinge. When the current commodity boom comes to an end as all booms do Australians will begin to understand why it is important to develop multiple industries for economic stability. Maxxi2 yes I think you are right also however the point is that they are not allowed by law to discriminate in that manner against small business. We do not think it is for Government to sit back and wait for market validation by the time that happens the opportunities for this Country will have been lost. The role of Government is to be proactive and foster new industries for the benefit of future generations. I know that is being idealistic but so be it. When we initially began the development cycle we wanted to encourage collaboration here to try to keep it all happening in Australia rather than racing off to California as so many companies are now doing. As it stands we have now entered into a number of agreements via North America which will mean those opportunities have been lost to Australia probably for good. Its not a grudge it just the facts for those who agree with Psuedo then no problem its all good, however we don’t agree we think the policies put in place are bad for the development of alternative industry in this Country. This was the concluding commentary raised by Winterford in his opinion piece which prompted us to write as we believe it to be a very valid line of enquiry.
peterhau Jan 26, 2011 10:07 AM	@Louis, how is this illegal? SSO has been around for some time, RSA has a solution, Novell has one, there are plenty of others, and as for foreign owned, blame howard for that gem, Free trade agreement anyone? There are quite a few locally owned Disties in the market, niche players, who may be happy to promote your product to their resellers, taking the effort out of your hands and gaining a larger market for you. I suggest that you take a look at CollabIT, the Govt / AIIA initiative, to enable to the fostering of collaboration between ICT resellers and other groups. Your solution may be unique, but there are plenty of organisations out there who have similar and complementary products and services. Manufacturers need to have access to the Government market from a broad approach, not try to knock down doors themselves. You might also like to check out Distribution Central, Dicker Data, MMT, ACA Pacific and ICT Distribution, they are all locals, and may be able to promote your product effectively to their resellers, who, in turn, can get you into the government space. Being a small business means that you are agile, innovative and potentially of benefit to all segments of reseller business. Don't Pigeon hole your offering, let as many people as possible have access to it - with control of course. Partner programs and channel models are enablers, not detractors. One other question, are you a canberra local? or are you in another city? if you are trying to penetrate the tight canberra market, be mindful that a local who has worked with govt over the years has a better access vs a company not located here. Additionally, although locals don't use them, maybe a lobbyist can get you a spot in the sun with the departments.
Louis Leahy Jan 27, 2011 6:06 PM	Thanks peterhau for the insight it’s greatly appreciated. The illegality is associated with not following the procurement guidelines i.e. discriminating against small business. Incidentally I don’t know if you have read the author of this articles subsequent article about the lack of tendering going on that was very interesting to read also. I have no beef with competition I think that is very good but none of the products you mentioned will stop people’s credentials being stolen by phishing, smishing, vishing, spearphishing our solution is the only solution in the market place that will do this. Our solution works to compliment the existing solutions of the vendors you have mentioned we are not really in competition with anyone unless you consider the existing authentication topology competition. It is free but it is fatally flawed and the cause of much of the security problems besetting networks today. We certainly would welcome resellers and distributors in fact that is the primary emphasis of our business to work with intermediaries we don't wish to reinvent the wheel and they will receive the majority of the margin as we are primarily focussed on trying to assist in fixing a very ubiquitous problem but we understand it will not be us who actually does that our role primarily is to get that ball rolling if we can. Deluded I may be but I don’t think I have had an attack of that much hubris just yet to think for a moment that we can usurp incumbents but we need the customer to listen and then go back to their IT committees to a least give the issues due consideration for change to occur or for the intermediaries to start thinking about it when putting forward their solutions.
peterhau Jan 27, 2011 6:34 PM	Louis, I don't think you are deluded. I think you need to sit down with the CollabIT people and see how they can help you. again, I mention the disties, after working for one for 3 years, I know the clout they have in helping a new product get the exposure to the right resellers who are in the areas you want your products in. It may be that a tender comes out with specific requirements, that there is no other defined solution on the market that meets exactly the way yours does. Having a distie in between you and the reseller means that everyone will have your product, and they will have an intimate knowledge of it, after being trained by you.
Louis Leahy Jan 28, 2011 10:33 PM	Thanks Peter we will follow that up.