As public-sector agencies continue to shift applications and data to the cloud, choosing the right cloud providers can be a difficult task for CIOs. Depending on the user base and complexity of the systems involved, one company may be all that’s needed, or it could be a mix of three or four vendors.

But a new service has sprung up in the past year or so that’s helping agencies identify the best cloud providers for them — cloud brokers.

Think of the service as a technology version of an insurance broker, but with a much wider scope. Organizations aren’t just using brokers to find the best cloud prices. They’re also relying on them to match an agency’s technical needs to the most appropriate cloud provider and when needed, help integrate multiple systems from different vendors.

The National Institute of Standards and Technology defines a cloud management broker as a platform that provides a user with an interface that accesses multiple cloud providers.

For example, if an agency needs to set up public-facing high-volume Web pages, it might turn to Amazon’s cloud. But that doesn’t mean it should stick with Amazon to build and host other applications. If there’s another provider such as Microsoft Azure or Verizon’s Terremark that fits the project better, a cloud broker can identify that and suggest which to use.

The brokering services are delivered not just by people, but also by software applications created by companies to give agencies updated information about a cloud provider’s capabilities and cost at any given time. That type of platform typically can handle integration and service-level management tasks associated with cloud brokering.

Cloud Brokers: At a Glance

What it is: A technology and service that functions as a bridge between an agency or organization and cloud providers.

Benefits: An apples-to-apples comparison between different cloud services, and lower prices depending on the relationship between the broker and the cloud provider.

Drawbacks: Selecting a broker with few cloud vendor relationships may lead to limited choices and financial savings; poorly written contracts could result in being bound to a subpar broker.

Suggestions: Always choose a broker that integrates well with your organization and the cloud providers. Draft all cloud broker contracts with clear expectations on performance and the ability to terminate and retain service with the vendors.

“It’s just not good enough to say that every [cloud] component is available 99 percent of the time because if any one part fails, the user doesn’t get what they need,” said Mark Day, director of the U.S. General Services Administration’s (GSA) Office of Strategic Programs. “So the broker can do that service-level monitoring across the services you consume.”

The GSA is starting a pilot project using a cloud broker to help agencies transition to the cloud more effectively. Day said the program will start small, featuring a couple of federal agencies toward the end of 2013. He added that the goal is to figure out what features of cloud brokers prove to be valuable and whether it will help agencies that have shared services to sell.

The concept of cloud brokers has been kicking around in the private sector for a few years. But it has only gone mainstream in the last year or so, according to Feza Pamir, a partner relationship executive at Unisys. 

Pamir said cloud brokering originated with large-scale commercial outsourcing. When companies wanted to buy hardware from one vendor, and services from another, they needed a middleman to help manage it. Cloud brokers are a further extension of that model.

Chris Smith, U.S. federal chief technology and innovation officer for Accenture, said that from a public-sector perspective, cloud brokering is all about aggregating and facilitating the consumption of services so that government agencies can deliver on their missions as efficiently as possible.

“The term ‘broker’ has stuck because it’s this concept of a capability sitting in the middle of an ecosystem of those services,” Smith said. “If you think about the multiple flavors that are out there today just on infrastructure, there’s a need for an organization to be able to manage that set of capabilities and seamlessly allow the businesses to purchase them. The broker really sits in the middle of that and allows that fluid, easy access.”

Practical Application

From a software perspective, the primary benefit of a cloud broker is automation and license management. The technology lets agencies tap into multiple cloud services as they become available.

Texas is an early public adopter of cloud brokers. The state’s Department of Information Resources (DIR) is in the midst of a pilot to study how agencies can adopt cloud technology and enable widespread adoption.

A select group of Texas agencies were allowed to choose a virtual cloud-based infrastructure as a service from a variety of providers offered through Gravitant, a cloud broker. The idea was to provide decision-makers with an apples-to-apples comparison in pricing and functionality.

Todd Kimbriel, director of e-government and IT services with the Texas DIR, said the pilot is an experiment to better understand the concept of market choice in the public sector. He added that while the private sector can acquire goods and services fairly easily, the public sector is continually mired with constraints and boundaries that make a purchasing decision more difficult.

One of the key benefits Texas has experienced with cloud brokers is in the billing department. Kimbriel explained that Amazon requires advance payment for its cloud services. That’s a problem for Texas, as the state has a statutory requirement that services must be paid for after they are rendered.

But a cloud broker helped alleviate that. Instead of contracting directly with Amazon, Texas had the broker hold the contract with Amazon and paid the broker service instead. This way the agency didn’t run afoul of state law.

“The cloud broker’s role is to absorb all of the gaps and differences — make sure that the business model of the cloud provider is successful, reliable and stable and that the needs of the public-sector agency are also predictable and satisfactorily met,” Kimbriel said.

Accenture’s Smith believes that using a cloud broker will enable agencies to get the top cloud services at the lowest prices. Instead of having individual contracts, an organization can take advantage of the relationships a broker has fostered with the bigger cloud providers.

Smith added that the public sector faces huge challenges in technology, particularly pressure to increase productivity with fewer resources. He said it was paramount that CIOs structure IT agencies as entrepreneurial entities that can respond to requests for the latest technology. Cloud brokers can handle the service-level agreements and be part of the solution.

“You don’t want to be the house of ‘no’ and saying, ‘You can’t have this great new service,’” Smith said. “You want to be able to stand it up in an online, almost e-commerce catalog-type way.”

Brokers also can help automate decision-making. If an organization wants, a broker can assign certain computing aspects to particular cloud providers, taking the decisions out of human hands. For example, if a broker has six different cloud vendors and an agency doesn’t want the hassle of deciding which one is best suited for each of its applications, the broker can choose for the agency based on a number of variables. Or, if an agency doesn’t want to lose individual control, it can have the broker program into the service a set of rules and conditions that dictates what application goes to what vendor.

But while that can be done, control is still important to many public-sector agencies. Maintaining that control is a big factor for the GSA as it moves forward with its pilot. Day said it wouldn’t be an exaggeration to say that some federal agencies could end up with 40 different cloud providers when you look at all the different software-as-a-service options that might be available.

Day explained that most brokers have workflow engines that allow customers to program their own financial and acquisition rules into the system.

“GSA is looking at how we can help agencies consume the cloud efficiently and effectively,” he said. “What we are not doing is transferring to the cloud broker the decision as to who the cloud providers are [or] making fair opportunity acquisition decisions. That remains a government function.”

Pitfalls and Concerns

Despite the advantages of using a cloud broker, they still come with caveats. Experts agree that CIOs should ensure that a broker has relationships with numerous cloud providers before entering into a contract. This way an agency gets a wider variety of vendors to evaluate which providers work best for them.

In addition, agencies should have a contract that addresses how to move to another broker if a disagreement arises. A cloud broker holds the agreements with the individual providers, not the agency. So if that agency wants to switch brokers, it doesn’t want to be left without the use of services.

For example, if a state IT department puts an application on infrastructure hosted by Microsoft Azure and the state is going through a cloud broker to access Azure, there should be an out in the contract that lets the state move to another broker without disrupting services with the provider.

While Texas’ pilot is still running, Kimbriel agreed that there’s always a risk that a contractual relationship will sour. He said that if the DIR were to leverage a cloud broker after the pilot has concluded, he’d work language into the contract that clearly defines the disentanglement process between agency and broker.

Shawn P. McCarthy, research director at IDC Government Insights, agreed with Kimbriel and encouraged agencies to draft carefully structured service-level agreements that explicitly state the level of performance that’s expected.

The importance of ensuring that brokers respect government procurement rules was another key point for Day. He cautioned agencies to avoid brokers that have limited vendor relationships.

“That really doesn’t give the government the flexibility it needs to be an efficient consumer or making sure there is a good, competitive environment to keep our pricing as competitive as possible,” Day said.

Rob Enderle, president and principal analyst of the Enderle Group, said the key things to consider about cloud brokers are security and that the broker can easily integrate with the agency’s back-end system.

He also believes that public-sector agencies should confirm that the providers being used by the broker comply with security regulations and are auditable — particularly small providers that may have financial difficulties and potentially go out of business.

“If they do have a problem and fail, you need to be able to pull your stuff off and recognize [where the data is stored] particularly with regard to the use of overseas resources,” Enderle said. “With government services, you are not allowed to put that information overseas and you want to make sure those rules would be adhered to.”

JP Balakrishnan, vice president and CTO of cloud for Infosys Public Services, had a different take on the pitfalls of brokers. He said one of the chief priorities when looking at an automated cloud broker program is the broker’s emphasis on maintaining the technology and data coming to it from the vendors.

He said that without diligence in keeping the broker program updated, it could lead to agencies not getting accurate information and added that a program produced by a larger company will likely be more trustworthy because of the technical power and capabilities of a bigger organization.

“It has to dynamically adapt to the changing back-end service providers offerings, and the program has to be updated on a regular basis,” Balakrishnan said. “So you need to make sure that you are [with] a large host that has the muscle to continually update and monitor all of the key players in the market.”

Brian Heaton  |  Senior Writer

Brian Heaton is a senior writer for Government Technology. He primarily covers technology legislation and IT policy issues. Brian started his journalism career in 1998, covering sports and fitness for two trade publications based in Long Island, N.Y. He's also a member of the Professional Bowlers Association, and competes in regional tournaments throughout Northern California and Nevada.