Everybody wants to use the flashiest new technology or software. But because of how many users government agencies have, even modest applications take a lot of infrastructure, skills and labor hours. Sometimes, it’s too much. So while governments would love to offer the next big-time application, older on-premise infrastructures present a major hurdle to meeting expectations.
When the Cloud First policy was introduced, agencies envisioned tremendous potential for the public cloud. But it often didn’t work out as planned. A decade later, we’re still dependent on legacy infrastructure. Look at numbers from a GovLoop survey: 70% of agencies are running a few to some applications in the cloud compared to only 19% running most applications in the cloud.
While chief information officers (CIOs) say they want to get out of the data center business altogether, moving to a public cloud doesn’t usually accomplish that. Many agencies are in fact opting to “repatriate” their data and application workloads back on premises.
There are several key factors that agencies need to consider before moving applications to the cloud.
First, security. How safe and private are your applications and sensitive data in the public cloud versus on premises? Consider that public clouds are naturally more exposed, sometimes making them easier targets for attackers.
There’s also the issue of multi-tenancy, where many customers may run virtual machines side by side on the same physical hardware. Hackers can exploit the vulnerabilities in a cloud provider’s system and software to potentially cause the separation among tenants to fail. That can lead to an attacker jumping from one tenant to another. In other words, someone who didn’t even breach your system could still access it through another tenant in the cloud providers’ hardware.
Another threat to security is that IT operations are increasingly spread across data centers, which may span multiple clouds and even countries. Managing security and protecting intellectual property in such a far-flung manner is challenging and complex. Privacy laws in one country may limit the transfer of some data to other countries, so you need to know where your data resides and the applicable laws.
And as long as cloud administrators are human, they will be prone to mistakes. Admins might be well-versed in on-premise security but make errors in a public cloud that result in downtime or exposed data.
The second factor is control. With an on-premise installation, the equipment is in your own backyard, so to speak, so you have more fine-grained control over your workloads. Agencies lose some physical visibility and control over those assets when they’re shifted to the cloud.
Management and operations is the third key point. Not only is multi-cloud management a challenge for IT, but cloud management itself differs from on-premise management. Many agencies find there’s less need for data center engineering staff and equipment handlers for cloud-based environments. But those roles don’t fade away, because now what agencies really need are cloud administrators and governance roles.
Finally, cost. This is the classic question of if you should rent or buy. Consider the total cost of ownership. The cloud appeals to CIOs because its payment model and price are attractive. They can replace the high capital costs of on premises with much lower subscription costs of the cloud. But performance issues during the migration of mission-critical applications can add to costs, and an investment in staff with cloud data governance skills may be necessary.
So, let’s pump the brakes on the hype of an enterprise public cloud. Is the better alternative a hybrid cloud environment with a hyperconverged infrastructure (HCI) as the foundation? HCI combines compute, storage, networking and virtualization into a single appliance, or as software that runs on your preferred hardware.
Think of each component as a building block, like a Lego. You can add and remove blocks as needed — and therefore, the entire system is malleable.
It’s important to remember that a move to the cloud should be well thought out and thoroughly planned. Consider security, control, management and operations, and the total cost of ownership when deciding which workloads should remain on premises or shift to the cloud. And don’t forget that HCI could be the best option, as a cost-effective, flexible bridge that spans both environments.
This article is an excerpt from GovLoop Academy’s recent course, “Destination Cloud? Four Things to Think About First,” created in partnership with ClearShark and Nutanix. Access the full course here.