The first wave of cloud computing came during 2008-2009, and that was when cloud capabilities were at their nascent stage. The technology was yet to be mature for its implementation in government projects, especially for large governments. On the other hand, it opened up new ways for smaller authorities to migrate some of their functionalities over to the cloud. However, there were multiple challenges regarding the cloud services offered by third-party providers. Since there was no standard set for the maintenance of government data, the main concern revolved around data security. Many CEOs and CIOs unanimously stated this as the obvious drawback of cloud technology.
Phil Bertolini, the CIO of Oakland County, Michigan, recognized that the security concern is contributing to the government sector’s decreasing reliance on private sectors and cloud capabilities. Consequently, he built his private cloud for government entities. The initiative by Bertolini offered a firsthand experience of the cloud as a better measurable solution for large government entities. This change in the landscape led us to look at the possible adoption of cloud capabilities. The hurdle in this adoption drive was the long time that individual entities would have to take to build their cloud repositories. Therefore, we had to turn toward several cloud service providers. Even so, the whole adoption process was going slow, and it was due to the lack of knowledge that we had about the cloud.
Invariably, this realization led us to define and categorize cloud technology. The categorization led to splitting up cloud solutions in three distinct roles—public, private, and hybrid cloud. This initiative coincided with the development of CalCloud in 2014, for the state of California departments and agencies. Carlos Ramos, the then State of California’s CIO and Director of the Department of Technology, in collaboration with IBM, created an on-premise private cloud. However, the challenges of adopting commercial clouds were still present among the authorities. Unknown to us, this was the time, we were on the brink of a massive technology uprising. Around this time, Google, AWS, and Azure released new lines of their existing solutions to meet the specific requirements of governments on the bedrock set by both Bertolini and Ramos while building their cloud solutions.
Since then, cloud capabilities have matured significantly, thus making way for the need for stricter terms and conditions for cloud solution providers that were willing to work with government institutions. For a long time, authorities used to follow the standard terms of services that were imposed on software providers for creating a service contract with cloud solution providers. When it comes to solutions like SaaS, PaaS (platform as a service), and IaaS (infrastructure as a service), the security concerns starkly differ from the terms and conditions for old software. Hence, it required us to completely rewrite the terms of services to strengthen a number of the stipulations on liability and reliability at the service level.
Consequently, we had to come up with dedicated channels, MPLS (Multiprotocol Label Switching), and other solutions that gave us guaranteed bandwidth to make sure there was zero latency on applications that were time sensitive. The groundwork that we have collectively done since 2014 was utilized by the National Association of State Procurement Officers (NASPO) in conjunction with the State of Utah to create the cloud solution’s RFP. This RFP served as a clearinghouse for companies that want to provide cloud services to the government sector and get on a cooperative contract. This step created a baseline process for government entities and cloud service vendors, as the RFP considered all the present challenges of implementing cloud capabilities and how the government wants to manage its administrative processes.
Since then, government entities have been in a position to choose from a wide variety of cloud choices and capabilities. Besides, the practices of migration to the cloud are being streamlined. Companies are well aware of the expectations, so they channel their data into following the guidelines issued by the National Institute of Standard and Technology (NIST). The guideline offers complete security and standards expectations that companies need to meet and exceed to protect government data.
“Instead of you identifying the operational needs and having someone develop and monitor the solution, these providers are constantly enhancing and improving their products”
Selecting the Right Partnership
Before cloud solutions came into the picture, the biggest challenge for most government organizations, especially in the state of New Jersey, revolved around capital investments—purchasing hardware and software—and integrating products. With the transition to cloud services, these organizations started moving from cap-ex (capital expense) models to op-ex (operational expense) models. Organizations that have constraints in implementing cloud services will require to figure out how to be creative and avoid increasing their op-ex or look out to acquire these services.
Today, we have a plethora of services like people-as-a-service, security-as-a-service, payments-as-a-service, data-as-a-service, and testing-as-a-service that have transitioned from physical infrastructure to cloud solutions. With the numbers of cloud solution providers, it’s an excellent opportunity for government entities to invest and decide the best way of providing services to its citizens. At the opposing end of the spectrum, service providers are finding their niche, and they are providing capabilities that, in most cases, fit the needs of government entities.
With the more converged approach, these cloud solution providers can meet the specific needs, and their specialty in those respective fields makes them more sought after than before. All the yesteryear’s concerns have made them build their solution and services with dynamic and robust security capabilities. Also, many companies are now proactively detecting the future customer needs and adding functionalities in their existing solution. Instead of you identifying the operational requirements and having someone develop and monitor the solution, these providers are continually enhancing and improving their products and their users can automatically get all those capabilities and enhancements for a subscription fee.
Selecting a perfect cloud solution vendor will require you to do your homework. Government entities need to make sure that they are looking at cloud services from a business perspective and assess the vendors’ offerings. If the government is not thinking beyond the immediate future, the chances are high that they are choosing the wrong process, and it can set them off on a completely different direction.