US government CIO tells cloud buyers to get tough on suppliers

US Department of Labor CIO Dawn Leaf shares her learnings from helping 19,000 employees move off-premise at Cloud Expo 2015

The CIO of the US Department of Labor (DoL) has cautioned would-be cloud adopters not to let suppliers railroad them during their move off-premise by not taking responsibility for service problems.

Speaking at CloudExpo Europe, Dawn Leaf talked delegates through the cloud lessons she’s learnt through her recent work to reduce the DoL’s reliance on on-premise technologies.

This has seen her oversee the successful migration of 19,000 employee inboxes from on-premise Microsoft Office to Office 365, securing them 400 times more email storage in the process.

Furthermore, she claimed this has had a knock-on effect on staff productivity, as they previously wasted two hours each month clearing out their inboxes to make more space for new messages.

In cost-saving terms, however, Leaf said the per-person, per-month costs associated with running Office 365 are equivalent to keeping the nine different legacy systems that previously underpinned the department’s email systems up and running.

The move wasn’t all plain sailing though – she talked at length about the challenges the department faced, particularly when it came to establishing supplier accountability when something went wrong.

As an example, Leaf explained how Microsoft had initially batted away responsibility for some connectivity problems users were having when trying to access its cloud services as an issue with the department’s telecoms provider.

Read more about government cloud moves

  • Doubts have been raised about Enisa's decision to look to the UK for guidance on how to create a security framework that accelerates adoption of government cloud services across Europe
  • G-Cloud supplier Databarracks has called for more stability and continuity of the programme, warning that continuous changes, and a lack of guidance and clarity, is putting off local government authorities to procure IT services via the G-Cloud framework

Once the mistake was realised, Microsoft sorted it, she said, but it also provided the department with an opportunity to tweak its cloud troubleshooting strategy.

“One of the things you want to make sure of is that, if there’s an issue, everyone is working on it at the same time and not sequentially,” Leaf said, as that will make it easier to establish where the point of failure is occurring and who is responsible.

In a similar vein, she also advised users not to shy away from adding their own caveats to the contracts they sign with their cloud providers to give them some room for manoeuvre should problems crop up.

In the department’s case, this involved introducing an operational readiness clause in its cloud provider contracts to protect it from recurrent service failures.

“That’s a condition in the procurement where the department and the cloud vendor or service provider had to prove technically that we could get to the cloud services. If we failed in a two-month timeframe we automatically move to the next provider,” said Leaf.

Making the cloud move

Like most organisations, the DoL’s move to the cloud was prompted by the need to cut costs, after an analysis by the US government revealed its agencies and offices were collectively spending $82bn a year on IT.

Around 80% of that money was being invested in infrastructure and the majority of that spend was being eaten up by maintenance projects, said Leaf.

But before its move off-premise could get underway, the organisation had a number of technical problems to address, which she said other cloud adopters need to bear in mind before taking the plunge.

These include making sure they have sufficient network bandwidth to access and run cloud services, particularly collaboration tools, while the department had the added problem of having thousands of users still using machines running Microsoft Windows XP.

“One of our first challenges was getting ready as an agency ourselves to be able to connect to cloud, and that meant ensuring we had the network and security in place to access it,” Leaf said.

“We found 150 inconsistencies in our network we had to address before we could even modify our firewalls and connect.”

Read more on Wireless networking