A better modernization strategy for cloud-obsessed agencies

Now begins the implementation of the much-anticipated Modernizing Government Technology Act, signed into law in December as part of the 2018 National Defense Authorization Act. The Office of Management and Budget released Memorandum M-12-18 in late February, offering guidance on how agencies can begin applying for funds to be administered by the Technology Modernization Fund (TMF). At last, the time has arrived to banish those legacy technologies once and for all!

But as federal agencies dive headlong into modernization plans, they should pause to consider what a legacy technology really is. In computing, the legacy -- often a pejorative term -- implies a technology that is old and outdated.  Mainframes are a prime example of a technology lumped into this category, but in reality they are anything but legacy. A recent survey found that 57 percent of mainframe user organizations (across industries) run more than half of their business-critical applications on a mainframe, and this percentage is expected to rise to 64 percent within a year. Furthermore, 98 percent of these firms’ customer-facing applications rely on mainframe application processing.

Does that sound like legacy? Absolutely not. But public opinion suggests that because the mainframe is old, its workloads should be first in line for a cloud transition. Migrating from the mainframe to the cloud sounds simple in theory, but in practice, many projects have failed.

The Kansas Department of Revenue’s KanLicense project was an attempt to replace KDOR’s mainframes over a six-year period. It missed its Jan. 2, 2018, launch date and has been “rife with difficulties and delays,” according to the Topeka Capital-Journal.

Another example is U.S. Department of Veterans Affairs, which was reported to have wasted close to $2 billion in an attempt to modernize its health records system. What if VA had invested a fraction of that money in improving the performance of its existing code and invested the rest in improving existing services offered to veterans?

Originally, the MGT Act was going to set aside up to $250 million for the TMF for each of the fiscal years 2018 and 2019, bringing the total to $500 million.  However, the fiscal 2018 omnibus spending measure agreement, which was signed into law almost halfway through the fiscal year, appropriated only $100 million -- well short of the $250 million previously envisioned. That means large-scale modernization efforts like a mainframe migration will likely continue to be funded primarily through agencies’ own working capital funds, putting some (if not all) of the burden of major cost overruns on individual agencies.

There’s got to be a better way for federal agencies to modernize, incorporating the cloud into their infrastructure plans and leveraging its many benefits, without undertaking the unnecessary open heart surgery of a mainframe migration. Based on actual experience with large private-sector organizations, we believe this better way is hybrid IT -- where agencies can continue leveraging the mainframe on premise for mission-critical assets while using  the cloud for commodity services. But they need the right tools and approaches to make it work. These include:

Prioritizing mainframe code inclusion. Many if not most online citizen services -- paying a parking ticket online, for example -- ultimately depend on mainframes for transaction completion. Mainframe code is the heart of these applications, yet teams remain siloed and are often not provided with modern development tools. 

Agencies are increasingly adopting DevOps approaches to support more rapid, high-performing (fast, reliable) software roll-outs. They rely on DevOps toolchains -- a set or combination of tools that aid in the delivery, development and management of modern applications -- to support their work. Because mainframe applications are a critical underpinning to many agency applications, if they are excluded from these toolchains, overall development slows down as a result.

Workload and performance management. Cost optimization becomes critical as the mainframe takes on bigger workloads (driven by more citizen services going online and becoming mobile friendly). Many IT organizations are unfamiliar with exactly how mainframe licensing costs (MLCs) are determined and don’t make sufficient attempts to manage them, which can drive up costs unnecessarily.

MLCs are determined by a metric known as the peak four-hour rolling average MSU (million services units) value across all logical partitions. In simple terms, MSU represents an amount of processing work. These can be kept at a minimum by diligently tuning each application to minimize its individual consumption of mainframe resources, and average MSUs can be kept in check by spreading out the timing of application workloads to minimize collective utilization peaks, thus keeping the average lower.

No other platform can match the mainframe’s security, reliability and scalability, and studies have shown that over the long term, mainframes are much more cost-effective than other platform options like x86 server farms. Workload management initiatives can amplify the mainframe’s cost/performance benefits even further.

Cybersecurity. The mainframe is believed to be a security risk by virtue of its legacy reputation. This misperception was not helped by the fact the breach at the Office of Personnel Management was unfairly blamed on the mainframe. Yes, mainframe data may have been compromised, but the source of the breach was within the distributed architecture, not the mainframe’s perimeter defenses.

The mainframe is the most intrinsically secure platform on the planet, one reason being that all of the hardware and software that’s needed to complete mainframe transactions reside on a single machine. This is in contrast to a distributed environment where network traffic can be intercepted by an attacker. IT executives even take the mainframe’s security for granted;   surveys have found a large majority of CIOs report being surprised by the amount of additional work and money required to ensure newer platforms match the mainframe’s innate security.

Nevertheless, large volumes of data continue to reside on mainframes, so organizations must take special care to monitor worker activity on the mainframe to avoid insider threats, whether malicious or inadvertent.  Agencies must also move  beyond simply reviewing log files to capturing and analyzing complete start-to-finish user behavior.

Now that the MGT Act is law, many federal agencies are planning their next steps which may include migrating the supposedly legacy mainframe to the cloud. Most mainframe users, however, would be much better off adopting a hybrid IT approach that allows them to take advantage of the cloud while continuing to leverage the mainframe’s unique strengths.

The mainframe can be a cog in government modernization -- supporting a citizen-first approach that delivers high-performing digital services cost effectively and securely. It just needs a little nurturing.