It’s an accepted fact that cloud is a valuable and respected technology in government. But it hasn’t always been. Let me tell you how we achieved cloud acceptance.
First, we noted cloud's ability to achieve cost-benefits, greater efficiencies, agility and resiliency. Then, we discovered that the cloud could create faster application changes and propel the success of state’s open data initiatives. Finally, and most importantly, we tackled the security fear associated with the move to cloud.
We have reached the final phase: acceptance. But just because you have come to accept the cloud, doesn’t mean you know how to optimize cloud practices at our agency. The good news is we assembled some experts to help.
In yesterday’s DorobekINSIDER LIVE: Myth Busting the Cloud, cloud experts John Messina, NIST’s Cloud Computing Reference Architecture Working Group Chair, and Neeraj Chauhan, Project Director to California Department of Technology’s CalCloud - a brand name for portfolio of cloud services, broke down the process for getting started in the cloud into three steps.
Step 1: Get out of your comfort zone
Pushing email to the cloud is a fairly safe first step. At this point, you’ve probably already done it. But now you need to do more in the environment. But what do you move? Messina stated, “[Cloud] is one of those things where creating a new system from scratch is ok. It’s a relief to say ‘You don’t have all the legacy baggage that you need to deal with when you go in looking at the existing systems.' Those systems are considerably more expensive, harder and time consuming.”
While Chauhan recommends moving a few applications first to see how they do, be sure to follow up with the bigger ones for a successful application migration.
Step 2: Define security standards
We have great news for you! NIST has already done a lot of the work of creating security standards by surveying industries to identify what elements are holding them back from cloud transitions. They developed ten high-level concerns you need to address before you can embark on widespread adoption. Here are a few: security, acquisitions, procurement, service-level agreements, terminology, and concern with lock-in.
Read the full standards in NIST SP500-293 cloud technology roadmap document.
Step Three: Think about the bigger picture
Deciding what to move into the cloud can be difficult. Should you use a private cloud or a hybrid cloud? Making sure you pick the right solution can be daunting.
Chauhan described the characteristics that make it easier to decide what to carry along for the virtual ride. “Look for applications that are more web-friendly, few strict data regulation controls, and that consists of public data. When sitting down and having that first service level agreements talk with your provider, identify metrics and a terminology that are easy to understand and hold a party accountable.”
When it comes time to sit down and have the service line agreement chat, both Messina and Chauhan suggest creating cloud scenarios and defining what metrics should be used for operations and cloud computing – so you are getting what you’re promised.
With each passing year the fear of cloud computing dissipates, but as the culture of cloud acceptance moves forward, more challenges are emerging. Staying on top of the new challenges are a top priority for both Messina and Chaunhan. But both see huge potential.
“Cloud is a means to an end, and when working with different customers with different business needs, it’s very important to understand the users needs,” explained Chaunhan. “Asking more open-ended questions and creating a better strategy on how to implement security in the cloud can help solve a customer’s business issues.”
Messina is focusing on finding a model of communication because “Even within experts on cloud computing there are different understandings of what cloud computing is.”.
Listen to the on-demand training here.