The transition from on-premise data centers to cloud environments will continue to be a focus and a challenge for government agencies in 2018. The government-wide push for a cloud-first approach has been in full swing for several years. The low-hanging fruit – those systems that are small, simple, and don’t manage sensitive information – have been addressed. For the others, the surface has barely been scratched.
In fact, from our perspective the cloud remains a mythical beast in the government space. Everyone wants to talk about being in the cloud, but no one really knows how to get there. We recognize the reluctance and even resistance and fear that is generated when the topic of the cloud comes up. Even though the big three of cloud services – GCP, AZURE and AWS – all meet the Defense Information Systems Agency requirements for sensitive data, at the end of the day, the cloud belongs to someone else.
And while it can be that great connector between the data center and edge devices, moving data back and forth as needed, it’s still a stressful decision to make the cloud move. Given the growing number of breaches and the ongoing threats of cyber hacks and attacks, data managers are asking, “Do I really want to put my data there right now?”
At NTS, we recommend a process that recognizes that even though cloud service providers have gotten better with security, there are still plenty of bad actors that just want to gain access and do damage. We work with our clients to look at the data and what they are hoping to achieve, and then to take a three-step “crawl, walk, run” approach to moving data to the cloud. That allows agencies to first get comfortable with “baby steps” before committing to full a full cloud transition strategy:
- Crawl. First, we recommend a small-scale cloud project with servers that have non-sensitive information. We want our clients to put that information in a cloud-based environment, and to get comfortable with the processes, requirements and internal resourcing required to make this move.
- Walk. Second, after getting that comfort level and a closer familiarity with the cloud service provider’s security and risk, it is appropriate to move up to a data server that has more important data that has stronger security requirements. Our clients will build the needed trust that the protocols and security are in place.
- Run. Third, larger quantities of data can now be move in and out of the data center as needed. This can become a large deployment because that trust and comfort has been earned.
Crawl, Walk, Run. It brings agencies closer to the vision of using its own data center together with the cloud to build a robust process that accomplishes the types of efficiencies that the cloud can deliver while leveraging the data center for the truly sensitive data as well as a continuity of operations hub. Taking these progressive steps allows a smooth transition to the cloud while building confidence and trust in the system.