Next month – all being well – the UK Cabinet Office will lift the lid on what form the UK public sector Cloud Computing strategy will take.
Notably absent from the national ICT strategy announced back in April, Cloud has not been forgotten, but the grandiose plans for an over-arching G-Cloud that were being formulated under the New Labour administration have been scaled down.
Exactly what form the revised Cloud thinking will take remains to be seen, but the broad sweep commitment to Cloud as a cost-effective, scalable delivery mechanism has been articulated by both Government CIO Joe Harley and his deputy Bill McCluggage as well as being cited by Prime Minister David Cameron and other members of the political establishment. So a continued identification of Cloud as the way ahead seems like a safe bet.
In the US, the Obama administration – when not having to wrestle with keeping the bailiffs from the door – has been an enthusiastic supporter of Cloud Computing – even if some of the more died-in=the-wool Federal CIOs were not quite as keen. But the Obama ‘Cloud First’ policy has put the US federal government sector on a clear path to mass adoption of Cloud technologies, hand-in-hand with data centre closures on a mass scale.
Such is the inevitably of the Cloud advance in the US that the TechAmerica Foundation, made up of Cloud providers and academics, has now issued a Cloud First Buyers Guide for Government to provide easy, best practice steps for procurement officers in the government community to purchase and deploy Cloud services and technologies.
In its preface to the Guide, the Foundation notes: “To spur government agencies to take advantage of the benefits that Cloud Computing enables, the Obama Administration has issued a Cloud First policy. This Buyer’s Guide is designed to assist government agencies as they evaluate and purchase Cloud services and solutions in response to that policy.”
While the specifics of the Buyers Guide are inevitably highly geared to US government structures. the basic principles at their heart are eminently replicable across other nations, including the UK.
Step One: Business case
The report begins by recommending the creation of a business case – which may seem unusual given the mandated nature of the Cloud First policy, but the business case is needed to establish priorities. The report notes:
“Defaulting to a particular Cloud deployment or service model rather than using agency performance objectives to define the approach will result in missed opportunities to benefit from available Cloud services. In making the transition to the Cloud…first focus on workloads and Cloud services and solutions that have already been widely deployed in the Cloud in the private sector and government.”
In other words, don’t stick the tried and tested (and failed) practice of reinventing the wheel at every given opportunity. The Foundation identifies three main categories of Cloud offering that have proven track records already:
- Infrastructure as a Service e.g.: storage web hosting, and backup.
- Platform as a Service e.g. database services, identity management services, security services, geospatial information systems and customised application in areas of IT management.
- Software as a Service e.g. email, CRM, collaboration, payment processing, and service centres.
Step Two: Establish priorities
Next, map your priorities and map them against the technology solutions on offer. Everyone will have a different set of priorities that matters, but among the most common aspects to take into consideration are:
- Automatic upgrades and patches
- In-house development and customisation capabilities
- Sustainability and energy considerations
- Integration with existing systems
- Interoperability and open source
- Transparency of provider performance
Step Three: Think about security
The inevitable objection raised in both private and public sectors is the bug bear of security. The Buyers Guide notes: “Cloud services are not inherently more or less secure than in-house IT implementations. In both cases, security depends on technology, policies, and practices. A robust implementation of Cloud services is capable of meeting a variety of security requirements.”
But it observes that what does change is the question of responsibility: “One of the differences between cloud and in-house IT implementations is the degree of control for who manages and controls the security processes. Agencies should focus on managing the agreements between the agency and provider to ensure that a consistent security posture is maintained independent of who is responsible for the various layers of the system.”
Step Four: Implementation considerations
These are essential if the essential principle of sharing resources is to be adopted successfully. To that end, procurement officers need to ask:
- Is the Cloud service easy to configure?
- Does the Cloud service exist elsewhere within government and can that service be shared elsewhere within government?
- Does the Cloud service provider enable portability of user data through an effective combination of documents, tools, and support for agreed-upon industry standards and best practices?
- Are there third-party solutions to provide access to the data in the Cloud service?
- Will the Cloud service provider, the government body, or third party integrate Cloud applications with in-house applications to ensure seamless end-to-end processes?
Step Five: the RFP
The topics and sections of the traditional RFP still largely apply, including background descriptions about the provider, client references, startup and ongoing cost models, and required certifications, but it is important to streamline the RFP process to reflect the rapid deployment of Cloud services.
Step Six: Take advantage of government’s scale
Are there government-wide initiatives that can help on price or best practice?
Step Seven: Don’t forget the people aspect
The Guide warns: “Cloud technology will not deliver the desired return on investment without addressing the people and process issues that are needed to manage effective systems.”
Step Eight: Look for a common approach to supplier evaluation
The Guide urges: “Use a data- driven approach to evaluate Cloud offerings.”
Step Nine: It’s all in the timing
Consider various factors to determine when is right for you to make a move to the Cloud. Factors can include:
- Need for legacy system replacement
- New systems upgrades that will require additional ICT investment
- A need for testing platforms to support new development
- A desire to run a pilot project for a programme or initiative
Purchasing Cloud services is all too often approached as a difficult new practice, but the Buyers Guide concludes: “Although the shift to Cloud Computing raises new issues that must be considered, existing Federal government procurement practices are flexible enough to enable acquisition of the new capabilities.”