Let's Talk Cloud Strategy: A Q&A with Mac Sims - Logistics IT Transformation Branch Chief at USAF

Q1: Can you please give us an overview of what your role entails as the Logistics IT Transformation Branch Chief for the U.S. Air Force?  

1. 
   
2. As the LOG IT Transformation Branch Chief, I support the Logistics CIO’s modernization and innovation efforts across the portfolio. To that effect, we oversee all LOG IT cloud migrations, app rationalizations, and consolidations across the $1B portfolio. Additionally, my team develops strategies for future technologies and serves as an incubation hub for innovative ideas before we pass them to the corporate structure for sustainment and large-scale implementation. Finally, my office is also responsible for the development and implementation of the Basing and Logistics Analytics and Data Environment (BLADE), the logistics community’s new big data platform, a critical component of the Department of the Air Force’s Data Fabric. 

Q2: What were the key considerations and factors that influenced the decision to embrace cloud technology in the U.S. Air Force's logistics operations? 

2. The Air Force has a critical mission need to move to the cloud. In 2016, the Logistics CIO was notified that our centrally funded data centers would be closing, which allowed us the chance to look at how our hosting strategy needed to evolve to meet modernity. Our warfighting strategy demands that Airmen have access to reliable systems that are available to scale on demand in whatever environment they find themselves. The cloud offers this availability at scale while also providing continuity of operations in case of unforeseen contingencies. It also allows us to take advantage of the benefits of SaaS and PaaS, allowing us to field capabilities faster while making it easer to keep up to date with the cutting edge software that the commercial sector is using.  

Q3: Can you share some insights into the top challenge the U.S. Air Force faced during its cloud migration journey, and how you overcame it to successfully implement a sound cloud migration strategy? 

1. 
   We’ve learned the importance of establishing clear boundaries, roles, and responsibilities between relevant stakeholders such as the CSP, the CSSP, the buyer, and the app owners up front. We learned that lesson the hard way while trying to figure out on the back end of the migration what sustainment needed to look like for our applications. Most of our migrations have been first of their kinds, so we’ve had to discover what we needed along the way, but changing the terms of contracts and service agreements can be very difficult, so we now work with our technical experts to ensure a level of deep granularity in those agreements based on our experiences in past migrations.  

3. Aside from the technical lessons learned, we’ve also learned that there’s a cultural component to migrating to the cloud. Our app owners and airmen are only familiar with the capabilities that on-prem solutions bring to the table, so older apps that are migrated over sometimes don’t see the full benefits of migration as the owners have never had the opportunity to run their apps with those benefits in mind. Likewise, as we take requirements to build new cloud-native apps, functional mission owners don’t know what’s in the realm of the possible, leading to requirements for old-style apps in the new environment. To mitigate this and try to drive the cultural change in our Department’s thinking, we always try to accept requirements for development in the form of problem statements and user stories rather than proscriptive statements about what the mission owner would like the app to look like

4. 
   

2. Going back to the point above, you must collaborate throughout the process to build a successful migration. Critically, one must ensure that roles and responsibilities for the lifecycle of the migration are determined and documented at the front end. In our case this has been exceptionally difficult, given that our migration Strike Team, our oversight organization, and our CSP (Air Force Cloud 1, a hybrid cloud between Azure and AWS), are spread across completely different commands within the Air Force. Further, our CSSP is located within the Department of the Army.   

4. Since we began this journey, we have become more and more involved with our DAF, DOD, DA, and commercial partners, opening new lines of communication all the time. The cross-talk between these organizations has been critical on a base level to make sure that all cloud migration tasks are complete, but also because it allows us to build our knowledge of best practices across the enterprise and limit the impact of unforeseen events. 

Q5: How does the U.S. Air Force strike a balance between adopting cutting-edge cloud technologies while ensuring compatibility with legacy systems and applications? 

2. Migrating our legacy systems has always been our top priority. This allows us to bring them into modern security standards and host them in a scalable environment, among other benefits, but it also allows us to save money that would otherwise be used to support legacy apps on-prem. This enterprise saving then allows us to reinvest the monies in cutting-edge applications. In essence, we use our IaaS saving to fuel SaaS and PaaS innovations through our CSP broker.  

4. We are also doing this within the context of a larger app rationalization and consolidation effort. This allows us to select our apps for migration based on mission need and cloud compatibility, which we should all be doing anyway, but with some additional clarity about the lifespan of the app to maximize both savings and mission impact.  

Q6: Cloud migration can be a complex process. Could you highlight your top piece of advice (a best practices or lessons learned) from your experience that other government agencies could benefit from? 

2. In no particular order, here are three pieces of advice that I’d give to other agencies, in addition to our lessons learned above. First, ensure that you bring in and take advantage of SMEs early in the process beyond just cloud migration SMEs. Do your mission analysis on what you want the app to be able to do in the cloud, be that disconnected ops, PaaS/SaaS serves, etc. and ensure that their perspectives are included before the technical details of the migration begin.  Second, require recovery services. Leverage continuity of operations (COOP) services to ensure features and capabilities are supported in the event of catastrophic application failures. Lastly, conduct periodic reserved instance analysis to ensure that your agency is getting the most bang for its buck. It may seem easier to pay for your compute on demand, but you’re leaving money on the table if you don’t to the analysis work ahead of time to build reserve instancing into your contracts. 

Q7: Can you provide some real-world examples of the positive impacts the U.S. Air Force has experienced after implementing a structured cloud migration strategy? 

2. We’ve targeted 108 applications for migration and have completed 54 migrations to date, having seen monthly uptime comparable with the commercial standard of 99.99% and vast improvements in global resiliency, availability, and reliability. This will lead to over $800 in enterprise cost reductions from FY17-FY33. Today, Airmen are able to route supply orders, perform maintenance operations, execute sustainment reporting, and conduct enterprise-wide logistics analysis all on the cloud wherever in the world they find themselves, regardless of operational tempo. Though cost savings often get the spotlight, the benefits to mission impact are equally, if not more, significant.  

Q8: Government agencies often deal with strict compliance and regulatory requirements. How does the U.S. Air Force maintain compliance while leveraging the cloud's benefits? 

2. Though there are some interesting acquisitions pathways and exemptions for software, SaaS, etc. these cutting-edge acquisitions are generally non-exempt from the statutory requirements for legacy system. That’s why my team works hand-in-hand with the Authorizing Official Designated Representative (AODR) team, our compliance section, and our cybersecurity section throughout migrations. Migrations go wrong when compliance checks are saved for the final step when you’re looking for an Authority To Operate (ATO). Instead, the compliance team needs to be included from rationalization to migration, to sustainment. The Air Force uses a number of compliance systems to track these requirements, but it is important to drive a culture of compliance and reporting among the app owners to ensure that data in compliance systems are up to date. As with several things mentioned above, doing the work today prevents additional work tomorrow.   

Q9: How do you envision the Federal Cloud landscape evolving over the next 5 to 10 years, and what implications will this have for government agencies' IT strategies? 

2. Perhaps somewhat unique to the DOD environment, I’m particularly concerned with our ability to operate cloud-based apps in a degraded environment. I envision a future where local commands can download copies of apps and their data, operate disconnected from the global cloud on a LAN and then upload the data and download any app updates when they are reconnected. In the future, this disconnected and store-forward capability will need to be built into DOD’s cloud native applications with the ability to host on everything from a large serve room to a small suitcase sized rugged server. Many of these hardware capabilities are being shipped today, but our apps lag behind in their ability to take advantage of them.