The public sector IT association, Society for innovation, technology and modernisation (Socitm) released their latest practical guide for public sector CIOs looking at the challenges and opportunities presented by cloud computing. The association says the report is designed to be a practical guide for the public sector CIO and other public service business leaders into the realities of cloud challenges and opportunities of today. It lays out the issues and opportunities raised by cloud computing in the public sector and how best they can be tackled.
The report, at its start, does away with complacency saying, “it would be easy to assume that there is nothing new about cloud computing. After all, it has been around for nearly 20 years. Socitm’s first briefing on cloud, ‘Heading into the Cloud’ is still relevant today and was published in December 2010.”
While the prevailing perception has been that the public sector has been comparatively slow in its adoption of cloud computing, with the civil administration cadre being unfavourable to change, resulting in the retention of inefficient and outdated IT models and services, the report says this is only partially true.
Many other factors play into the decision for cloud deployment. These include advocates and marketers exaggerating the benefits and underplaying the risks, costs and challenges associated with cloud adoption in a government context. The situation is compounded by ambiguous cloud policies at the top along with a paucity of robust governance. The report says that a successful cloud adoption strategy relies on a sound understanding of the different types of services available. Concerns over procurement and logistics are dependent on the type of service that has been chosen.
Hosted cloud platforms, as an example, extend basic cloud infrastructure as a service. While established brands can be considered safe, secure and resilient, it is imperative that care is taken in managing how sensitive data is tracked and shared, and where data is located and processed.
On the other hand, cloud-native applications can be implemented faster and are easier to manage. The flip side to this coin is that leaders need to ensure that their team has mature methods for development and optimisation.
Of course, homegrown solutions can help address particular challenges better than even specialist solutions from the private sector. Many public service organisations are therefore beginning to turn to development work, even in partnership to share services. However, attention needs to be paid to optimise performance and security. It is also imperative to maintain the necessary level of skills and resources for support and development.There must also be careful planning and design to avoid creating future legacy overheads.
Hence, to genuinely enjoy solid returns of cloud investment, agencies must think carefully when planning. Rather than rely exclusively on in-house expertise and teams, they should seek advice on how to best capitalise on the investments.
Cloud migration and deployment comes with a plethora of advantages including robust resilience, enhanced security, the potential to save on a range of costs, sustainability, greater agility and superior innovation.
When convinced about cloud migration, agencies must retain a tempered perspective. While the urge to cover the entire gamut of services at one time, it may be prudent to avoid this strategy. The report said this could be counter-productive. Too many concurrent cloud implementation and transformation projects could lead to confusion and pose a challenge in terms of governance, vendor supervision and change management.
While transitioning to cloud computing is designed to be safer, it does pose unique risks in and of itself. While many expect that the main risks associated with cloud computing to be maintaining resilience and control of the technology environment, security and data management, these may not be the primary concerns.
Instead, cloud technologies commonly cause risks in areas including increased use of shadow IT, a growing dependency on internet connectivity and capacity, the lack of clear data ownership for apps, and the lack of understanding or tracking of data use — which can have regulatory implications.
The report warns that a move to a predominantly cloud model of IT requires even careful consideration. Organisations must expect to face challenges in areas ranging from security to vendor lock-ins, availability of technical support, data governance issues and increased requirements for IT resources.
Careful thought must be given when choosing a cloud service provider partner. Extensive due diligence checks in tendering and selecting a cloud service are a must. These should involve an assessment of both the vendor and its solutions along with credential checks, standards and accreditation evaluation. When reviewing the terms of a proposed contract, provisions must be made for vendor-support for transition and migration.