As federal agencies face budgetary pressures that drive them toward more agile IT pushes around cloud deployment and DevOps practices they must first tackle big perceptual and cultural roadblocks. Case in point is a survey out last week that showed that 89 percent of federal IT professionals still feel apprehension about migrating to the cloud, with 43 percent saying that it felt like giving their son the keys to their new convertible.
Conducted by government research firm MeriTalk on behalf of NetApp and Arrow, the study shows that only 44 percent of agencies report having mature data governance practices in the cloud, and cite data exceptions, data integration, and collaboration and interoperability as their top challenges. Security still tops that list, though, with just one in five IT pros completely confident in their cloud vendors’ security.
Interestingly, just a third of agencies met the June deadline this year to make sure their cloud solutions meet the security criteria laid out by FedRAMP. Among those who didn’t make the deadline, another third plan to do so within a year.
The push to do so could present opportunity to work on the associated applications and cloud integrations with a new approach that could potentially embrace DevOps principles. For example, IT staff at the National Renewable Energy Laboratory recently used its initiative to gain FedRAMP compliance for its AWS integration as a chance to establish a DevOps pilot program.
According to Keith Trippie, executive director for enterprise system development at the Department of Homeland Security, federal agencies’ ability to improve through DevOps, security and cloud deployments will all play important roles in improving time to value for citizens.
“I look at the budget challenges we have today as a change agent for the government. It’s going to force us to innovate quicker than we have,” Trippie says. “It’s part of a healthy IT diet, where we’re looking at DevOps, we’re looking at continuous assurance on the security side, we’re looking at cloud in commodity IT, which will enable us to provide services more quickly than we have before.”
On the cloud front, one of the big ways agencies can drive more safe deployments is through better governance. According to the MeriTalk survey, 52 percent of organizations don’t have well-understood data integration, 50 percent don’t have defined data owners and 49 percent have no known systems of record. The survey showed that the more mature organizations were in improving data governance programs, the more likely they were to be comfortable with turning over IT services to cloud vendors.
The cultural stodginess and lack of groundwork laid by federal agencies to make cloud migrations possible could also potentially prove the biggest stumbling blocks for federal DevOps deployments.
“The federal government will have to call into question some well established practices in order to implement DevOps,” wrote Mike McGarr of Netflix recently.
A current engineering manager for the Netflix Build Tools team, McGarr previously worked as a federal government contractor. He advises agencies to avoid the sales people who will try to sell DevOps in a box and take a deep look at processes both within the agency and contractor organizations.
“There are number of practices, rules and even regulations that inhibit government IT evolution. Government agencies need to continually ask ‘why do I really need to follow this rule?’ and keep asking,” he writes. “Get to the core goal of these restrictions, and propose a better way to solve this problem.”