It’s well documented that the public sector currently lags behind the private sector when it comes to cloud adoption. In fact, after leaping forward with OPM’s ‘cloud first’ policy, the federal government has started to slow way down.
This slowdown has been attributed to a number of factors, such as risk aversion and budget constraints. One of the most significant contributing factors is the general sense of confusion or lack of knowledge about cloud. For example, in a recent GovLoop survey, respondents were asked to weigh in on the cloud deployment most appropriate for their agencies. The largest proportion of respondents selected the ‘don’t know’ option (55 percent).
[For more survey results and compelling government cloud case studies, make sure download our latest guide, “Innovations that Matter: How Cloud is Reinventing Government.”]
As a response to this knowledge gap, GovLoop, in partnership with industry partners Akamai, Brocade, DLT Solutions, Red Hat and ViON, recently produced an in-person training event on cloud computing. Click the following links to read recaps of the opening and closing keynotes, as well as government best practices. Below, we’ve also collected a few insights from industry to provide another perspective on cloud computing in the public sector.
Drivers of Cloud Adoption
Ray McCay, Vice President of Solutions & Strategy at ViON, sought to reframe the discussion around cloud computing. “We would like to propose a change to the discussion from, ‘what is cloud,’ to ‘why cloud,” said McCay. In other words, public sector organizations should first focus on the business problems that need to be addressed, then look to identify a solution – cloud or otherwise – that can best address that problem. In this way, we aren’t wringing our hands over the definition of cloud technology. Instead, we’re looking for places where we might be able to adopt a different technological approach.
McCay identified a number of business challenges currently driving cloud adoption, which also highlighted a few benefits from cloud computing:
- The need to focus on delivering value to the organization, instead of purchasing, installing and managing IT infrastructure.
- The need to scale IT resources up and down with business cycles.
- The need to accelerate the delivery of a fully optimized application environment.
- The need to reduce the volume of up-front IT costs (i.e., shift from a capital expense to an operating expense model of investment).
The Department of Defense: An Unlikely Cloud Adopter
Bob St. Clair, Senior Manager of the Solutions Architects Team (Department of Defense) at Red Hat, also suggested agencies look to their business needs before choosing a cloud solution. He cited the Department of Defense as a prime example of this approach.
“When you look at the some of the executive leads from the Department of Defense (DoD), they have absolutely embraced public clouds,” said St. Clair. “This may be a little surprising, given the department’s reputation for moving slowly, but they have embraced them wholeheartedly.”
But why? What was the driver? The DoD wasn’t simply enthralled by new technology – they had a confluence of needs. The department was confronting increasing service demands, a shrinking budget, and greater collaboration between different departments – including IT. “They wanted more innovation and wanted to spend less money doing it,” said St. Clair.
Cloud: Disrupting the Traditional Process
Of course, we can only dwell on the use-case question for so long. At some point it’s also valuable to understand what cloud can do specifically for your agency. Steve Wall, Chief Solutions Architect at Brocade, painted a clear portrait of an organization deploying an IT solution before and after cloud.
In the traditional model of IT deployment, a user identifies a business need. Perhaps this person has an application and needs some particular components – some memory, storage, and servers. She submits a ticket to the service team, which then provides her with an estimate of 2-3 weeks. This ticket then floats across different teams, from the network team to the storage team, with each department (hopefully) working with the others to stand up the solution. If the solution delivered requires changes, it goes through the whole process all over again.
“We can see this is process isn’t the best or most efficient way to get solutions to people,” said Wall.
This is contrasted to a cloud-powered organization, which has the potential to stand up the same solution in minutes. In this scenario, a cloud architect creates a series of tenant architecture based on the typical needs of the organization (as it relates to server, storage or networking). These templates are then delivered to the IT administrator, which publishes and manages them.
When a user has a request, she can simply log into the request dashboard and select a solution based on the series of templates available, have it validated by the IT administrator, and have it up and running almost immediately.
Don’t Forget Security
“You really have to rethink your security posture when it comes to cloud, because traditional defenses no longer suffice,” said R.H. Powell, Service Line Director at Akamai Cloud Solutions. This is because with cloud, you’re putting your infrastructure and applications out there. But even if you haven’t yet taken your data to the cloud, malicious actors are already there, so relying on your firewalls won’t be enough.
To help attendees remember the tenants of cloud security, Powell used a simple analogy. He noted that to keep a fire going, you need three essential ingredients: oxygen, fuel, and heat. If you take one of those away, your fire goes out.
Similarly, with cloud you need three things:
1. A resilient DNS: If you can’t resolve your hosting, you don’t have a cloud that people can go to.
2. Web applications: Applications must be protected against people trying to take them down, exploit them to retrieve data, or take control of access privileges.
3. Infrastructure: You need to make sure that the infrastructure you are running stays available.
Therefore any cloud security strategy must take all of these three components into consideration because without one, the entire solution goes down.
Just because government doesn’t always move at the speed of private industry doesn’t mean we can’t benefit from some of the lessons learned on their end of the playing field. If you want more information on cloud computing, which includes case studies and thought leadership from inside and outside government, make sure to download our latest guide, “Innovations that Matter: How Cloud is Reinventing Government.”
Event sponsored by: