After I was appointed as the Director of the Office of Technology Services in 2012, I met with all of our major customers to ask what services we weren’t providing that they would like to see us provide. Cloud services was the number one response, so my challenge was how to implement it.
Some of the key attributes of cloud services included resources on demand, scalability (both up and down), self-provisioning, high degrees of automation, standardization, and virtualization. All of these attributes are things that are challenging in a government environment. For example, we have an 18-month budget cycle and a six- to eight-month procurement timeframe for large IT procurements. This was going to make resources on demand difficult to implement.
While the Department of Technology has great technical staff, we had no experience with providing cloud services, no experience with self-provisioning, and our experience with virtualization was really limited to servers. Our staff had never virtualized storage or networks, both of which are components of a cloud- based IT solution. In the end, it became obvious that we needed some help with implementing cloud services. As a result, we looked at partnering with the private sector to supply and manage the infrastructure, to provide training and knowledge transfer to state staff, and to allow us to gain some experience with providing cloud services. Our approach allows us to take advantage of the things that the private sector does so well, (infrastructure-as-a-service, etc.) while allowing us to provide the value added services our customers want, (database management-as-a-service, etc.). In the end, it truly is a partnership between IBM and the state in which both partners benefited.
CalCloud team, left to right: CalCloud Support Team Member Brittany Estrada, Ron Hughes, CalCloud Support Team Member Von Zimmer, CalCloud Support Team Member Alan Anderson, CalCloud Support Team Member Taron Walton, CalCloud Technical Manager Greg Kakigi, CalCloud Support Team Member Keith Klaus, CalCloud Project Director Neeraj Chauhan, CalCloud Business Manager Amy Cooper. Not pictured: David Langston, CalCloud security.
What exactly is CalCloud?
CalCloud is a private cloud located at the state data centers in Rancho Cordova and Vacaville. It is vendor provided, vendor managed and provided at no start-up cost to the state. The vendor, IBM, only gets paid as workload is added to the system. The contract is structured to provide tiered pricing, so the more workload that is added to CalCloud, the lower the cost. The services provided include infrastructure-as-a-service, platform-as-a-service, and storage-as-a-service. Customers will have access to a portal where they can provision their own systems. They may choose from three operating systems (Windows, Linux, or AIX), add memory or storage on an as-needed basis, and select how often and at what location to back their systems up. Users also have the option of provisioning disaster recovery services.
Why would a government department choose CalCloud?
From a customer point of view, not only will CalCloud provide a lower cost of service, but it also gives them back control of their IT systems. We are essentially giving them a virtual data center that they can operate as if it were their own. So one customer may have a mission critical system that they want to run in Sacramento, have it replicated in Vacaville and provision Tier One disaster recovery (one hour downtime), while another customer may only need servers at our Sacramento site and local backup. It is customizable to each user instead of a one-size-fits-all IT solution.
Security in the Cloud
The security of CalCloud was one of our primary considerations. Most of these concerns are centered on public clouds, where the data could be at multiple vendor data centers, potentially in multiple states or countries. Our solution is a private cloud located in the state’s data centers, so the data never leaves the state’s control. We also give the customer the option of encrypting their data at rest.
We knew that we had to meet the security requirements for all of our customers. With more than 400 different customers, the security requirements are pretty extensive. We designed CalCloud to be compliant with all of them. For example, CalCloud meets national requirements (NIST and FedRAMP), and meets IRS, Social Security, and HIPAA requirements. Security has been our focus from day one and we have made it clear that if there is a conflict between security and the highest functionality, security takes precedence.
Future of CalCloud
I believe that CalCloud will fundamentally change the way the state provides IT services to state departments and agencies and ultimately to California citizens. Instead of months for a new IT system to be up and running, systems will be provisioned in hours. Instead of capital expenditures for IT equipment that quickly becomes outdated, CalCloud will always feature state of the art equipment that doesn’t require any capital expenditures on the part of the state. The services offered by CalCloud will evolve over time, but I believe that CalCloud will become the primary solution for delivering IT services in the state of California for the foreseeable future.
Ron Hughes is the Chief Deputy CIO, California Department of Technology, Office of Technology Services.