Jeffrey Sorenson is President and Partner, A.T. Kearney Public Sector & Defense Services, and retired Army LTG/former CIO-G6. (File)
Cloud computing is a business concept used by more than 80 percent of the Fortune 1000 companies today. In 2014, commercial companies will spend more than $55.5 billion on public cloud-computing services, up from just $16.9 billion only five years ago.
Implementation lessons learned from these companies can offer valuable insights to the Department of Defense and other government agencies as they consider their own move into the cloud. This post will focus on three of those key lessons: first, a clear definition of “cloud computing” and “the cloud”—terms that often confuse many people; second, an understanding of the benefits to be gained from leveraging cloud computing services; and third, an awareness of the challenges often faced when implementing these services.
We define “cloud computing” as a set of virtual computing resources offering flexibility and rapid deployment via remote access to software, operating systems, computing resources, and networks. We define “the cloud” as any combination of software, platform, and infrastructure offered as services by an independent vendor over the Internet or a private network, and usually outside the firewall of an organization. Today the three most popular cloud-computing services are SaaS (software as a service), PaaS (platform as a service), and IaaS (infrastructure as a service).
The best example of cloud service implementation over the past decade is SaaS, which hosts and delivers software packages via a public or private network. Lead companies often use customer relationship management software on a per-use and per-transaction basis as an example of SaaS. Bundled software suites, Web servers, and development tools hosted in vendors’ clouds are typical examples of PaaS. The best known PaaS bundles, Google Docs and Microsoft Office 365, offer entire end-user productivity suite of tools in the cloud. Finally, IaaS provides companies with virtual servers, extended networks, and remote storage, thereby, enabling them to eliminate their own hardware, maintenance, and infrastructure.
Companies that have successfully adopted cloud computing services typically achieve three key benefits—speed to deploy, agility to innovate and IT cost savings—that can help drive adoption of cloud-based services in the DoD and other government agencies.
Speed to Deploy
The time it takes to implement a new IT project behind an organization’s firewall can range from several months to several years. Use of cloud computing services can reduce this timeframe significantly. Some cloud-based projects can be up and running in a couple of months, others in just days, and some in a few hours.
Large-scale email and office productivity tools are two of the most common IT projects moving to the cloud. These efforts can reduce IT costs while enabling organizations to experience the benefits of flexibility and extensibility of using the cloud. More importantly, they offer a quick way for organizations to take advantage of cloud-computing services without the risk of exposing critical applications.
Agility to Innovate
Today’s large innovation projects are frequently proof-of-concept or experimentation efforts. They often require co-creation, collaboration, and partnership among an organization’s global employees, as well as multiple third parties. If done behind the firewall as traditional IT developments, these projects could require massive infrastructure investment and months of delay while the equipment is approved, bought, delivered, and installed.
The cloud, on the other hand, provides the agility to work on innovation projects (large and small) quickly and inexpensively. Work can begin immediately after signing up for a cloud-based service and the concept can be worked out and operationalized long before it would have been started with the traditional approach.
IT Cost Savings
Leading companies routinely report savings that are orders of magnitude greater than they could have achieved without moving to the cloud. Just recently the Army stated that it had saved $32M by moving its email to the cloud.
The reason for these savings is easy to understand. When a company turns to a cloud-based service, IT expenses—hardware, system administrators, services, software licensing, and/or end-user support—are often drastically reduced. These expenses are replaced with one licensing fee that provides end-users easy access to the service from any computer or wireless device connected to the Internet or a public or private network.
However attractive the cloud may appear, organizations considering the purchase of cloud-computing services must do more than just look at the benefits. They must also balance the benefits against the risk-related challenges cloud computing presents. Key among these critical challenges are data security, data availability, and vendor selection.
A security risk exists whenever data is put on a network, public or private. The most recent retail credit card breaches at the end of 2013 demonstrate just how vulnerable data is, even when stored behind “secured” private firewalls. So, when deciding whether or not to put data in the cloud, a high priority goal for any organization is to work properly to evaluate the risks, put in the right control measures, and work with the most secure vendor possible. Additionally, all projects should be assessed for security risks before putting them in the cloud. In many cases, highly critical projects might be better handled at the organization’s facilities versus the cloud.
A vendor’s temporary failure to provide a cloud-based service may occur at any time. The media attention of “cloud disruptions”—regardless of how small or short-lived the outages are—often makes the problem seem greater than it actually is. In fact, cloud-computing services are normally up and running more than 99 percent of the time.
Even a short failure of service, though, can be costly for most companies and could have catastrophic ramifications for DoD and other government agencies. Thus, multiple steps must be taken, such as building in redundancies, to ensure national security data is always available or deploy only non-critical services and data into the cloud.
Selecting the right vendor is one of most important decisions an organization must make when deciding to use cloud-computing services. Since very little interoperability exists among vendors, it’s technically difficult for an organization to switch vendors once it has adopted a particular service. However, the expense of switching vendors often makes it cost prohibitive. On the other hand, staying with the wrong vendor can create an intolerable working relationship that eventually erodes any savings gained from moving to the cloud in the first place. As a result, once a vendor selection has been made, the organization almost becomes locked to that supplier.
The next two installments of this three-post series on the cloud will delve further into ways companies have maximized the benefits and minimized the risk-related challenges of leveraging cloud computing services.