For most federal buyers, cloud no longer means a public cloud, whose security and other risks present too high a bar for most missions. Instead, hybrid cloud is emerging as the default. of whom are in no position to use any of this, and must content themselves by frantically revising their strategy documents. These three trends, cloud, big data, and mobile, have one thing in common: they are made possible with open source. Open source software is created to solve immediate problems, like creating web services that can handle millions of mobile clients, automating data centers so they can be treated as a “cloud” and chewing through petabytes of unstructured data. Where proprietary software is sold to solve a customer’s well-understood problem, open source provides customers the freedom to innovate on new problems, and to share that innovation. Without an open source approach, ideas like cloud computing would be confined to a single innovator, or wouldn’t be possible in the first place. Open source has long been a solution for many issues in the federal space, and in 2013 we can expect much more from open source. More than any other trend, open source is putting control back in the hands of government agencies, rather than the vendors who are providing them with technology solutions. With this in mind, here are the trends I expect we’ll see in 2013:
Cloud
We’ve already seen how disruptive cloud computing can be to traditional vendors and customers, and this will continue through 2013 as the tools begin to standardize and the problems become better understood. Security, for example, has been a constant concern for both skeptics and wouldbe adopters. Compliance, auditing, regulatory concerns, legal ambiguities and governance issues have had a chilling effect on potential adopters. With very few subject matter experts on hand to mitigate these concerns, many of us rely on organizations like the Cloud Security Alliance (CSA) which promotes best practices for providing security assurance within cloud computing and education on ways to use cloud computing to help secure other forms of computing. The education, resources and services the CSA and other standards organizations provide will increase awareness around cloud security tools and help federal IT employees put many of their security concerns to rest. For most federal buyers, cloud no longer means a public cloud, whose security and other risks present too high a bar for most missions. Instead, hybrid cloud is emerging as the default. Hybrid clouds refer to cloud management that spans both on-premise and multi-tenant public clouds. This allows users to have access to something that feels like a public cloud, but still managed within an agency’s policy. Operators benefit from the seemingly limitless capacity of public clouds without compromising on security and other risks. Openness makes this possible. Open standards for interoperability and management mean users aren’t subject to vendor lock-in and vendor-specific
24
January - February 2013 · MODERN GOVERNMENT
ecosystems. Open source, of course, makes implementations of this standard accessible to a broad audience. Openness also refers to the application owners themselves who are discovering that open cloud environments encourage reuse, discourage redundancy and can create a supportive and collaborative environment for their developers and architects. While standards and the open, hybrid cloud develop apace, Platform as a Service (PaaS) cloud services promises to be even more disruptive. Where now-traditional Infrastructureas-a-Service (IaaS) clouds provide whole running systems on-demand, PaaS provides a set of well-defined, standardized components that can be quickly assembled by a developer. Obviously, these reusable application platforms and components allow agencies to innovate rapidly by focusing more time on their application and mission and less time managing the hardware and software underneath them. A PaaS could be indispensible for an agency that wants to regain control and influence over its basic infrastructure. The real magic of PaaS, though, is that it makes familiar open source patterns like sharing, standardization and modularity much easier to adopt in an agency environment – it’s no accident that today’s PaaS solutions are mostly used to host open source tools. This idea is still being digested by many within the enterprise, and a few agencies, like NSA, GSA and DISA, are testing the waters. Where we understand “cloud” as a shorthand for IaaS today, it’s entirely possible that by the end of 2013, we will see PaaS as the cloud idiom that finally delivers on the promises of cloud computing.
Mobile
2012 was the year of “Bring Your Own Device” as many shops ceded a measure of control to the overwhelming innovation in the consumer electronics market. The most obvious change we’ve seen is the transition from agency-issued Blackberries to a more open, less prescriptive policy that permits the end-user their choice of device, provided they adhere to some wellunderstood standards for security and interoperability. Less obvious is the pressure these devices place on internal and external applications that need to talk with them. The Federal CIO’s Digital Government Strategy is explicit about this: citizens expect government services to be available on their iPhone and their Android tablets. Likewise, agency employees expect to use mobile apps to access enterprise data and otherwise help accomplish their mission. This means new interfaces to old systems, providing websites optimized for mobile web browsers and APIs that make it easy for mobile applications to work with information in agency data centers. The overwhelming majority of these back-office projects to enable mobile access are using open source. This is only natural. Open source frameworks like Ruby on Rails and Drupal already