August 05, 2009

U.S. Federal Government Cloud Computing Requirements

The U.S. Government's General Services Administration (GSA) has released a requirements document and RFQ (Request for Quotation) that details what is expected from cloud-computing vendors in terms of security, service level agreements, geographic location, and data ownership for "Low and Moderate Impact Cloud Computing (CC) Software as a Service (SaaS) offerings".

The RFQ includes the ground rules for being a cloud service provider to the U.S. Government.
Federal agencies will retain ownership of data and applications hosted online, and they can request full copies of data or apps at any time.
In addition, cloud services are to be multi-tenant in architecture, be able to be provisioned securely and remotely, scale elastically, reside within the continental United States, and provide visibility into resource usage.

The RFQ says cloud service level agreements must provide for at least 99.95% availability, vendors have to take steps to secure their services, and trouble tickets and order management need to be able to be done via API.
Any Virtual machine services must allow live migration of workloads from one VM to another, while Web hosting services require both Windows and Linux options.

Info Week News Article:

RFQ - Request for Quotation:

RFQ Document:

Entry categories: Cloud Services
Posted by Jorgen Thelin at August 5, 2009 11:49 AM - [PermaLink]