Agencies have been steadily moving their operations to the cloud but after taking the first step to cloud migration, many have found that new challenges await them.
Challenges include the difficult task of migrating legacy applications and workloads to the cloud, efficiently managing operations once applications are set up, and ensuring the security of sensitive information.
Faced with shortages in both manpower and cloud knowledge, agencies could benefit significantly from cloud management expertise and guidance to fill the gaps in what service providers deliver. A managed service provider can help them take full advantage of what cloud offers while avoiding pitfalls that lead to ineffective services, misspent money or risky cyber vulnerabilities.
Below are some best practices that agencies should follow to get the full benefit of moving to the cloud and to overcome challenges after doing so.
1. Embrace cultural change
In many ways, the cloud represents an entirely new way of operating for agencies, and managing that change needs to involve the entire organization. “Getting the buy-in at the highest level, at the executive sponsor level, is the most important,” said Atul Mathur, Chief Information Officer (CIO) at Credence Management Solutions, a cloud managed services provider to the government, “because everything flows down from there.” Managers and employees down the chain can follow what Mathur called deep discovery — learning as much as they can about cloud migrations, and building relationships with program officers, contractors and others involved. A managed services provider can be critical in providing guidance.
2. Ensure information security
Data is the lifeblood of any agency and the security of that data — especially sensitive data such as personally identifiable information (PII), contracting data or program information — is paramount. Agencies looking for support should ensure that a provider is well-versed in the Federal Information Security Management Act (FISMA), FedRAMP, DISA’s CC-SRG and other applicable requirements. This involves working with officials at the top of an agency as well as the IT professionals in the trenches. “Cybersecurity is not an afterthought,” Mathur said. A provider needs to be prepared to work with cybersecurity teams from the start, and to engage agency leadership and oversight agencies such as DISA for DoD workloads.
3. Enable automation
One of the great advantages of a cloud environment is the speed with which services can be developed, deployed, monitored and updated due to automation. Whether it is testing in a DevSecOps environment or deploying full-stack solutions, agencies need to be sure that processes are reliably automated to eliminate errors, relieve agency personnel from spending their time on manual processes and ensuring that risks assessments and compliance requirements are performed in a timely fashion.
4. Practice good governance
A strong governance plan is essential to managing cloud resources. By emphasizing the people, processes and technologies being employed, governance helps keep track of how resources are being used, which reduces risk. It also helps eliminate shadow IT, while allowing employees to focus on the best use of their time. Best Practices in Cloud Deployments A
This article is an excerpt from GovLoop’s recent report, “Simplify Cloud Adoption With Managed Services.”
To learn more about managed services and how your agency can best take advantage of what cloud offers, download the full report here.