Amazon web services VP Teresa Carlson talked to the WHIR about government and the cloud
(WEB HOST INDUSTRY REVIEW) — When federal CIO Vivek Kundra stepped down from his post in August, many speculated that the momentum for government cloud migration would slow down. This has not been the case so far, and cloud computing provider Amazon Web Services (aws.amazon.com) launched its AWS GovCloud last month to prove it.
The purpose-built cloud is what Amazon refers to as a “region,” in that it gives customers control over the placement of their resources. In this case, to comply with security controls and other government requirements, the AWS region GovCloud is accessible by US persons only.
In an email interview with the WHIR, vice president, global public sector at Amazon Web Services Teresa Carlson discusses why Amazon’s pricing structure is well suited to government budgets, and how Amazon works with government organizations to comply with strict security requirements.
WHIR: How much have the US federal government’s recent pronouncements about cloud and consolidation created an environment where companies like Amazon can make a strong business case for going after that market?
Teresa Carlson: Government agencies are moving quickly to the cloud because it allows them to save money, innovate faster and focus on accomplishing their mission. Agencies have been looking at web services and cloud computing for a while, and in fact, AWS has had federal customers since we launched our first service in March 2006. The US government’s support of cloud computing through the Federal Cloud First Policy and the Data enter Consolidation Plan have also been catalysts to push agencies to take a deeper look at what cloud computing can offer and how it can transform their IT operations.
Over the years, agencies have recognized that cloud computing gives them an opportunity to do IT very differently than the way it has been done for the past three decades, and it has been our mission since AWS launched in 2006 to help businesses and organizations including government agencies benefit from this new world of IT. The old world meant lots of capital expenditure, underutilized infrastructure, and wasted time and focus on managing technology infrastructure. In the new world, AWS is providing a set of on-demand web services that allows agencies to consume as much or little as they want, scale on-demand and pay only for the resources they consume. Agencies no longer have to predict the amount of hardware they will need for each mission and instead of buying large amounts of hardware and software and putting them in data centers constructed and managed by the government, they can leverage the cloud as their data center. At the end of the day, cloud computing allows organizations to focus on their core mission.
Today, AWS has more than 100 government agencies leveraging the services, and over the past couple of years, we’ve increased our dedicated focus in public sector space. We’ve done things like build specific capabilities that are important to the US federal government, such as the new AWS GovCloud Region (US), and we’ve hired dedicated team members who are focused on helping the US government move to the cloud.
WHIR: When you’re going after government business like this, to what extent are you building to their specific demands, and to what extent are you able to say, “here’s what we think could work for you?”
TC: One of the reasons we believe government agencies are adopting these services so quickly is because of our rapid innovation based on customer feedback. Our process is to do a phased release of the service, gather customer feedback and then rapidly add features and functionality that are useful to customers such as government agencies. The Amazon Elastic Compute Cloud (Amazon EC2), which provides resizable compute capacity, is a great example of this process. Amazon EC2 first launched in August 2006. Over the years we’ve launched 11 new Amazon EC2 instance types including instances designed specifically for high-performance computing applications, which are now used by government agencies such as the Jet Propulsion Lab at NASA.
One of the philosophies at AWS is that customers come first in everything we do. We don’t write a line of code until we fully define the product. This means we first think about what the customer wants then work backwards from there. We do this so we can prioritize development based on what our customers tell us they need and allow our engineering teams to work more efficiently with minimal stops and starts. This is a process we defined early on at Amazon and a process we used when building the AWS business and still use today. This process is important as we are working with government customers to ensure we are meeting their unique business requirements like ITAR.
For example, we were recently at the NASA IT Summit talking about some of our work with NASA JPL. We’ve been working with NASA for a while now as they integrate compute, storage, database and other cloud services into daily mission operations. Working closely with JPL has enabled AWS to further tailor our services to meet the government-specific requirements for deploying mission-critical workloads in the cloud, which in turn guided our launch of AWS GovCloud.
We’ve also learned that customers want flexibility and choice. They don’t want to be locked into a particular operating system or programming language or programming model. They don’t want a black box where they must take all-or-none of the services and have little control over tweaking and adjusting their application. They want to be in charge and make these choices. Our approach is to stay focused on customers—we want what they want—so we continue to listen carefully, then innovate on behalf of them and will continue to provide them flexibility in how they can build applications on our platform.
WHIR: Can you describe, somewhat specifically, what was required from Amazon in terms of engineering, in order to build a cloud offering that was able to meet the demands of government agencies?
TC: We work very closely with our government customers to understand their regulatory and compliance needs, and in August we launched AWS GovCloud, a new AWS Region designed to allow US government agencies and contractors to move more sensitive workloads into the cloud by addressing their specific compliance requirements, such the International Traffic in Arms Regulations (ITAR). ITAR is a set of US government regulations that control the export and import of defense-related articles and services on the United States Munitions List (USML) and related technical data. Data subject to ITAR compliance is required to be stored in a US only environment. AWS only allows US Persons to physically and logically access the AWS GovCloud network. The AWS GovCloud network consists of AWS’s internal data center facilities, servers, networking equipment, and host software systems that are within AWS’s reasonable control and are used to provide the AWS services in the AWS GovCloud Region.
Furthermore, AWS has commissioned a third-party review of the AWS GovCloud ITAR compliance program and have received a favorable letter of attestation of AWS’s compliance with the stated ITAR objectives.
WHIR: Compliance is a huge concern for government agencies and there are many different security controls to consider. How is AWS GovCloud able to address and comply with all of these requirements? How different is this from the types of compliance that enterprises are mandated to meet?
TC: Security and compliance are at the top of most government agency’s list of questions about cloud computing. At AWS, we want to ensure we are working closing with every agency to answer their questions and address all their security and compliance needs. The new AWS GovCloud Region offers the same high level of security as other AWS Regions and supports existing AWS security controls and certifications such as FISMA, SAS-70 Type II, ISO 27001, FIPS 140-2 compliant end points, and PCI DSS Level 1. AWS also provides an environment that enables agencies to comply with HIPAA regulations. Many of these security certifications are leveraged by organizations in the public and private sector. The only difference for AWS GovCloud is that we have added a layer of permissions to the AWS GovCloud Region that restricts access to those on an approved list of US Persons.
This is the first industry-specific AWS Region, and it is more about the types of workloads government agencies can move to the cloud. Agencies that do not want or need to use a US Persons only environment can still use our other AWS Regions. Prior to this announcement AWS already had over 100 agencies leveraging the services.
One of the things that we are focused on now and will continue to be focused on is making it even easier for commercial enterprises and government agencies to move their mission-critical applications to AWS. One of the ways we’ve done that for the US government is by building a security and compliance framework that supports certifications like FISMA Low and Moderate and by working with the federal government on the FedRAMP effort to help agencies comply with regulatory requirements for moving data in to the cloud. And we will continue pursuing certifications to help government agencies benefit from our services.
WHIR: Do you find that Amazon’s pricing model in particular (on demand, pay per use) makes a convincing case for government’s moving to cloud infrastructure in terms of IT budgets?
TC: Yes. One of the reasons government agencies started using AWS was because of its flexible low-cost model, that requires no upfront expenditure, no commitment, no required spending levels and was available on-demand with a pay as you go pricing model. As federal IT budgets shrink, government agencies are required to do more with less. This makes the elasticity of the AWS cloud environment very attractive because agencies can scale up or down anytime and they never sit on or pay for unneeded or unused capacity.
We’ve not met a customer for whom we could not save money. We often hear from customers that really good large organizations are in the 20-30 percent range on technology infrastructure utilization—and that’s when they’re good. The cloud allows us to have several times that utilization. Additionally, we’re able to aggregate hundreds of thousands of customers across every imaginable use case and various geographies to have very high utilization of our infrastructure. How well you utilize the infrastructure is a key economic driver because if you have high utilization, you can buy less servers to serve the same load somebody with low utilization has to serve with many more servers. As importantly, there are hidden costs, beyond the hardware, that are often forgotten when government agencies assess the cost of managing their own data centers – staying up to date on data center design, negotiating contracts, dealing with legacy software, operating data centers, moving facilities, scaling and managing physical growth are just a few of the hassles that the cloud removes.
Additionally, AWS’s pricing options provide the government with maximum flexibly and cost savings. As the AWS technology platform has grown and become more and more robust, scale has enabled us to operate more efficiently and continue to lower prices. We’ve lowered prices 15 times in the past five years, and driving cost efficiencies is an area we’re going to continue to focus. In addition to passing on the benefits of scale in the form of lower pricing, AWS has a range of innovative pricing options to choose from.
For example, Amazon EC2 pricing options include: On-demand Instances, Reserved Instances and Spot Instances. On-Demand Instances let you pay for compute capacity by the hour with no long-term commitments or upfront payments. You can increase or decrease your compute capacity depending on the demands of your application and only pay the specified hourly rate for the instances you use. Reserved Instances let you make a low, one-time, upfront payment for an instance, reserve it for a one or three year term, and pay a significantly lower rate for each hour you run that instance. Spot Instances enable you to bid for unused Amazon EC2 capacity. This provides the ability for customers to purchase compute capacity at hourly rates usually lower than the On-Demand rate. Spot Instances allow you to specify the maximum hourly price that you are willing to pay to run a particular instance type.
In addition to standard storage pricing for Amazon S3, users also have the option of Reduced Redundancy Storage (RRS) for Amazon S3. RRS is a storage option within Amazon S3 that enables customers to reduce their costs by storing non-critical, reproducible data at lower levels of redundancy than Amazon S3’s standard storage.
To support government agencies in their budgeting process we also introduced a new pricing model for AWS GovCloud called Fixed Price Reserved, which allows customers the option to make a one-time fixed payment for each service they want to reserve. After the one-time payment, customers can utilize that service for the duration of their term with no additional payment as long as they don’t exceed the usage they have paid for.
About Nicole Henderson
Nicole Henderson writes full-time for the Web Host Industry Review where she covers daily news and features online, as well as in print. She has a bachelor of journalism from Ryerson University in Toronto, and has been writing for the WHIR since September 2010. You can find her on Twitter @NicoleHenderson.
No related posts.
