Governance: a cloud computing strategy's silver lining

 Email Article |  Twitter |  Facebook |  digg it |   delicious |   StumbleUpon |   LinkedIn |  reddit 

InformationWeek's coverage of the new government cloud computing portal apps.gov highlights how agencies can now order applications 'with the ease of ordering a book on Amazon.com.'

Seems simple enough and I won't pretend to be an expert on the apps.gov cloud. However, there's a dimension to the portal or actually any cloud infrastructure that's worth exploring a bit more. It's the issue of governance. While making applications available through a public or private cloud offers tremendous benefits, there's a level of risk that needs to be mitigated before those applications can be made available for broader consumption.

The challenge that a lot of federal agencies (and businesses) are going to face as we create one-stop-shopping clouds is not so much security and access to the cloud as much as it is going to be about managing the contributions to the cloud.

From an applications perspective, any compromises made during the design and development phase will have a ripple effect throughout the cloud and impact nearly every single end user attached to it. These compromises include ignoring policies, best practices and agreed-upon methodologies.

Cutting corners at the beginning of the development process will almost always create gaps in the cloud resulting in the proliferation of bad code and applications. Imagine the impact if an application for identifying tax evaders or tracking stimulus fund spending went awry.

From a business perspective, there's the personnel issue that needs to be addressed. In the case of the federal contractor, there are often several layers of subcontractors that also flow in and out of an agency project. In many instances, each brings - and leaves - different methodologies and coding languages.

The image above really drives this point home.

While these fresh perspectives from contractors may be very effective in helping meet the project's objectives, they become part of the application and are nearly impossible to extract before it's made available in a cloud. This leads to inconsistencies and the creation of too many similar yet different applications and web services.

If the strategy is to create a seamless, federal enterprise architecture where applications and services are easily shared among agencies, governance must play an active role in reaching this goal. This is due to the fact that when you have such a vast amount of variables, thousands of subcontractors and thousands of applications, to manage both on premises and in the cloud, the greater the risk is to the end users and the infrastructure.

Of course, we'd like to believe that you'd turn to WebLayers to avoid these potential issues but that's not the pressing matter here. What is the issue is that if governance is given a back seat as a cloud strategy is being mapped out and if agencies continue to rotate contractors without enforcing approved methodologies, the benefits of efforts like apps.gov will be squandered. We'll find ourselves spending far too much time and money trying to fix the issues that could have been avoided.

-jeff