12 steps to a successful cloud implementation
The cloud presents a great opportunity to reduce cost while increasing performance. Many government agencies are moving past selecting an infrastructure-as-a-service provider and are wrestling with the challenge of actually achieving value from the cloud. Recent request for information back this assertion as solicitations focus on transitions and multi-cloud environments. Conversations with agency cloud practitioners and procurement officials reveal the need for good, simple advice that can help them move forward.
We have developed 12 golden rules to help agencies make the most of their cloud investment and implementation. On the surface many of these ideas may seem obvious, but the rate of cloud implementation failure suggests otherwise. After over 30 years in the IT business, I find it is useful to put these rules in place at the start as an organization builds its cloud strategy.
1. Start with a cloud center of excellence. Like any major IT investment that results in significant agency change, cloud initiatives need structural support. We recommend standing up a cross-cutting CCoE with the charter, governance, leadership, expertise and clout necessary to achieve results. The CCoE should include a program management office (PMO) to manage the financial, change, communications, technical and operational challenges associated with cloud implementations.
2. It’s still IT infrastructure. As with any government IT program, the same rules around governance and security still apply -- but with increased complexity and accelerated timelines. Make sure the CCoE PMO can work across the organization to get things done quickly.
3. Look beyond the technology. Successful cloud implementations go beyond simply ordering IaaS from a cloud service provider. The cloud ecosystem should include the cloud management platforms, disaster recovery solutions, governance and compliance monitoring tools and professional services to ensure success. As agencies move past IaaS, the ecosystem can be expanded to include artificial and machine intelligence and platform- and software-as-a-service options.
4. Change management is important. Implementing the cloud involves the movement of sand piles, so turf battles inevitably emerge. To avoid last minute confusion and standoffs, make sure a robust change management function is part of the PMO.
5. Start small and build success incrementally. Most organizations that achieve cloud success avoid high-risk, big-bang multi-application transitions and start with one or two simple use cases to build organizational knowledge. As knowledge is gained, more use cases can be added to the mix.
6. It is all about saving money. As agencies consider use cases, their cloud strategies must consider the total cost of ownership implications of investments and determine the right mix of cloud and on-premise data centers.
7. Watch out for vendor lock-in. Sometimes it is harder to get data out of the cloud than putting it in -- especially when cloud instances accumulate data over time. Agencies should make sure they can move their data with a disaster recovery strategy that includes agnostic cloud data management.
8. There is more to cloud security than FedRAMP. The Federal Risk and Authorization Management Program does not equate to an authority to operate. Federal agencies still must go through the risk management framework to gain an ATO, so they should be sure their PMO has cloud security experts who can successfully navigate the RMF process. Conversely, an ATO maybe gained for services that reside on premise or on cloud-based instances, so don’t let FedRAMP be a barrier to a really valuable cloud-based service.
9. Avoid putting all of your cloud eggs into one basket. The cloud market is advancing at a rapid pace with new capabilities being introduced daily. To maximize flexibility and minimize cost/performance risk, consider a cafeteria-style multiaward procurement for cloud products and services.
10. Don’t forget about the Trusted Internet Connection. Cloud-based high-volume solutions may require a significant amount bandwidth that quickly overwhelms an agency's TIC. An agency's support contractor should have significant experience in working with the Office of Management and Budget and the Department of Homeland Security to successfully virtualize the TIC.
11. Stay out of the lake. Immediately implementing a data lake is like renting a storage locker; stuff builds up, and users end up paying for storing things they do not need. A data management strategy must consider the data specific to the use cases being addressed.
12. Maximize the hybrid edge. Optimizing traffic across a dispersed geographic area that can span multiple internet point of presence is critical to the delivery of cloud-based enterprise solutions. When paired with requirements to provide scalable and elastic back-end computing, integration between on-premise cloud environments and content delivery networks is required. The CCoE must include a hybrid edge approach.
For many agencies, transitioning to the cloud can be a high-risk endeavor, but following these protocols greatly increase success. Transformational technology change creates upheaval and does not happen overnight. These 12 golden rules of cloud implementation offer agencies a starting point as they begin their journey to the cloud.
Rick Hill is senior vice president at HumanTouch.