5 pitfalls that can scuttle a move to the cloud
Risks that could hamper e-mail migration to the cloud -- and how to avoid them
E-mail is considered low-hanging fruit for government IT managers who are starting down the road toward cloud–based services. But that doesn’t mean the first step to an e-mail migration will be a walk in the park.
Instead, agencies seeking to move e-mail to the cloud to satisfy the Office of Management and Budget’s cloud-first program must carefully plan the move and communicate with all levels of management and agency employees. And everyone should understand the intended benefits of the change, government and industry experts advise.
“E-mail is a perfect candidate,” said Fred Whiteside, director of cybersecurity operations at the Commerce Department. He also is project manager of a cloud use-case working group and member of cloud standards and security working groups at the National Institute of Standards and Technology.
“That is the low-hanging fruit,” said Whiteside, who added that “there are challenges that need to be thought through.”
New frontiers for the cloud: Dealing with outdated contract models
EPA to move help desk, security to the cloud
At last, a solid definition of cloud computing
One challenge of isolating e-mail in the cloud is separating it from other services and systems, such as human resources management systems, which are often integrated with e-mail applications. And even if such systems are not integrated, they might tap the same user repository, Whiteside said. It’s simply not a rip and replace proposition.
Los Angeles and systems integrator Computer Sciences Corp. encountered similar hurdles when they launched a cloud-based Google e-mail system during summer 2010. The system had trouble with the L.A. Police Department’s security and archiving requirements, which often created hours-long lag times in e-mail delivery.
While Los Angeles and CSC worked on those issues, the city had to maintain an on-premises e-mail system to satisfy the police department's needs. Running the older system for the police and cloud-based system for other agencies eroded the cost savings of moving to the cloud in that case.
The Los Angeles example shows that there are contractual, organizational and technical concerns that, if not handled properly, could hamper a migration of e-mail to the cloud. With that in mind, here are five pitfalls on the road to e-mail migration and suggestions for avoiding them.
1. Lack of user support
“If just the IT shop is buying into the e-mail migration to the cloud, it is not going to be successful,” said Venkatapathi “PV” Puvvada, vice president of federal civilian agencies at Unisys Federal Systems, which is helping the General Services Administration move 17,000 employees to Google Apps for Government.
“Everybody uses e-mail,” so everyone in an organization needs to understand why e-mail is moving to the cloud, what the benefits will be and what the organization needs to do, he said. Organizations also need to manage the process before, during and after the implementation, Puvvada said, based on Unisys’ experience migrating e-mail systems, not on GSA’s plan.
Even for something as basic as e-mail, getting user support is important. Puvvada said the CIO of a global electronics manufacturer, a Unisys customer, held monthly pizza lunches at which employees could ask questions and discuss the migration as it was occurring.
Puvvada cited another large, decentralized company that failed to get user support before starting its migration. In that case, managers had identified cost savings from the move. But employees were reluctant to embrace the new system, and the IT department did a poor job migrating applications off the old system. The result: They were stuck with users on the cloud and others on the older system.
Because e-mail is so pervasive, employees will bristle at even perceived slights or network hiccups, attributing their frustrations to the migration. Lack of user support can also raise costs if help-desk personnel must regularly resolve simple complaints.
In addition to concerns about the mechanics of a transition, users typically worry about the quality, privacy and security of data in the cloud. “Clear expectations need to be set and proactively communicated in advance of the move to alleviate these concerns,” said Bob Otto, former CIO of the U.S. Postal Service and now executive vice president of Agilex Technologies.
Training employees on the new cloud-based system is also crucial, Puvvada said. For example, Google Apps for Government contains a rich set of features, which let users collaborate differently than they could with traditional e-mail systems.
Many organizations prepare for spikes in help-desk calls when implementing a new system, Puvvada said. However, he said, one company received more calls than the help desk was prepared to handle. They were not system-related calls; rather, they were calls related to how to operate certain e-mail functions because people had not received proper training.
2. Convoluted data migration plans
Agencies intend to eventually move e-mail, calendars, contacts and personal archives to the cloud. But if managers don’t anticipate network bandwidth requirements or set up the right tools and policies, the migration could be delayed and people might not know where all their e-mail lives, Puvvada said.
IT managers should know how and when to transfer data to the cloud. During the migration, they must verify that the data moves smoothly to ensure that there is enough capacity and avoid slowing down the old e-mail system.
“This is often an underlooked point,” Puvvada said. Data migration is a necessary consideration beyond e-mail systems. Whenever an organization moves to a new information system, the data transition is a challenge.
Data migration tools can make the job easier, but IT teams must pick the right ones for their environment and make sure they know how to use the tools. Plenty of data migration tools exist, and IT teams need to evaluate them to determine how they relate to users and agency e-mail policies, Puvvada said.
If the IT team doesn't grasp all the details, the data migration could become a major mess, Puvvada said. If an agency does not properly move all data to a cloud-based system, users will be dissatisfied and the agency might not be able to decommission the old system.
3. Custom applications that slip through the cracks
Many agencies have other applications that tap an e-mail system or customized applications built into it. Agency IT leaders must think holistically about how complementary applications link to e-mail systems.
For example, agencies should be aware of tie-ins between e-mail and enterprise directories, such as Microsoft Active Directory or X.500 directories, Commerce’s Whiteside said. Enterprise directories are corporate repositories that house widely used information, such as data on employees.
Commerce does not have one authoritative Active Directory for its agencies, and that is likely the case for other organizations, Whiteside said. “When you start to think about cloud migration, these are the kinds of things you want to think about holistically — and the possibility of consolidating” directories, he noted.
Don’t forget to update integration with your customer relationship management system, Agilex’s Otto said. Microsoft integrates the company’s Exchange and Outlook e-mail system with a number of other applications.
“The challenge is continuing to provision these relationships correctly when migrating e-mail to the cloud,” Otto said. To get it right, agencies need to conduct a rigorous audit to determine requirements and relationships between e-mail systems and other software products.
“By documenting your e-mail architecture this way, you can also simplify your migration and capture benchmarking data needed to maintain existing quality of service and avoid surprises,” he said.
Customized applications add another layer of complexity to e-mail migrations, Puvvada said. Agencies often build such applications on top of e-mail systems to enhance work flow or use custom forms. Some client/server e-mail systems even come with a database architecture so that users can build applications.
As a result, IT teams need to understand how many applications reside in e-mail systems, what work flows have been set up and how they need to operate in the new environment, Puvvada said.
4. Underestimating the complexity of security compliance
Agency managers know they need to pay attention to security, Puvvada said. But unlike the private sector, there are specific government regulations related to the security of IT systems and links among those systems.
The Federal Information Security Management Act includes security controls that agencies and vendors must comply with. Cloud providers are vetted through the Federal Risk and Authorization Management Program’s assessment and authorization process.
Companies such as Google and Microsoft that host cloud-based e-mail are devoting resources to ensure that their systems have more security than any single agency could afford to develop, Puvvada said.
Government and industry generally know how to mitigate risk in the cloud environment, said Bruce Hart, chief operating officer of Terremark Federal, a cloud service provider now owned by Verizon. However, e-mail cloud systems have characteristics that differ from other cloud applications.
Some of the security concerns about e-mail in the cloud relate to network boundaries, including the government network, the wireless network that users can access from a portable device, the cloud provider’s network, and other areas that might not be secure, such as storage devices.
Agencies can mitigate many risks with good architecture and information security approaches. But with so many network boundaries in play, a federal manager needs to be concerned about things going awry, Hart said. “Putting e-mail on a cloud” are five easy words but demand a commitment to a set of complex technical choices, Hart said.
There are also concerns about the potential loss of physical control of data and data leakage associated with multitenancy and shared cloud environments, which can be addressed by data forensic and information tools. Questions about such issues must be asked early in the planning stages, Hart said.
5. Failure to consider mobile devices
Managers need to plan for the rising tide of mobile phones and tablets expected in the government sphere. The inevitability of more mobile devices raises a host of questions: How do you manage the transition to mobile systems? How do you remotely switch over the configuration of the mobile devices? How do you collect user information in a cloud-based arena? If not properly addressed, those could turn into major issues, Puvvada said.
Managers should get all flavors of mobile devices and test how the e-mail relay systems connect to the devices. “People are so connected to smart phones [that] when they switch over, if there are snafus, that is not a good thing,” Puvvada said.
The server that receives e-mail also pushes to mobile device connectors for management of the mobile devices. Make sure to test all connectors and the necessary configuration changes on devices so that they can access e-mail systems, Puvvada said.
In addition, mobile devices have so many capabilities — such as chat, instant messaging and video — that some older devices might not support those features. Agency managers must baseline what each device handles and put them through tests. The key is to not focus only on prevalent devices but all devices that IT is aware of, Puvvada said.
The bottom line
The clock is ticking for agencies to move three applications to the cloud within the next 12 to 18 months as part of OMB’s cloud-first policy.
Agencies should migrate applications that have a presence throughout the enterprise, Commerce’s Whiteside said. To that end, e-mail makes a good candidate but presents a lot of challenges, he said.
The ability to identify agencies’ consumption of computing resources is essential for managers to accurately analyze the cost of IT resources and benefits of moving applications to the cloud.
“It is a pretty sure bet that migrating to the cloud and, conceptually, a commodities-based approach to IT, in general, has got to save [agencies] money,” Whiteside said.