As federal agencies embrace a Cloud Smart approach, they are frequently moving to a hybrid multi-cloud environment. In fact, according to a recent MeriTalk survey 77 percent of public sector IT leaders see hybrid cloud as the right choice. As smart as that strategy is, however, it can still create some complications and introduce complexities for agency IT teams. But after listening to both industry and agency experts discuss the benefits and challenges of a multi-cloud environment, we’ve identified three strategies for optimizing a multi-cloud environment for federal agencies.
“The federal government has done an exceptional job of adopting the cloud into the mission environment,” shared Cameron Chehreh, CTO and VP at Dell in a recent FedInsider webinar. “The cloud isn’t just a tech tool, [for federal agencies] it’s an economic and business model.” But moreover, it’s the foundation of digital transformation. The flexibility to move data and workloads within an agency – and sometimes between agencies — the efficiencies from being able to process data quickly, and the ability to scale at will have all helped federal agencies meet the mission in recent years.
Federal IT leaders came to realize, though, that not all data belonged in the public cloud – or even the cloud at all – and that the public cloud wasn’t a panacea to budget issues, it was very often the source of them. Most notably, while it was inexpensive to store data in the public cloud, retrieving that data for use in AI and other applications, is likely to break budgets. To that end – and for other reasons too – agencies have move to a multi-cloud approach where data, applications, and workloads reside in different environments based on function and patterns of usage.
“With a multi-cloud environment anything is possible,” explained ViON’s Department of Defense lead, Justin Ciaccio. “It is definitely the preferred environment, but it does come with its own challenges, such as security and compliance, architecture and connectivity, and end-user experience.” For the United States Air Force University, for example, the number one cost today that’s associated with the cloud is ensuring data integrity, security, and compliance. According to CIO, Jeff Lush, “[For us] 100 percent of all transactions and services are now in the cloud…and now our goal is to reduce the security threats,” he shared.
With these concerns being echoed by other federal IT leaders, including Dr. Greg Edwards, CEO of FEMA and Vijay De Souza, Director IT & Cybersecurity Team, GAO, what’s an agency to do to optimize their multi-cloud environment, overcome the challenges, and ensure it delivers on the promise? From the webinar we distilled three strategies that agencies can take to optimize and secure a multi-cloud environment.
Step 1: Collaborate with a Partner to Architect Success
In a multi-cloud environment having options about where to store data or put applications creates a lot of complexity. Working with a technology partner that has architected many multi-cloud environments sets an agency up for success. “Understanding the best place for a workload to sit both economically, usage-wise, and for security reasons is a common challenge for agencies,” shared Chehreh. “Building a strategy and framework for a multi-cloud environment from the beginning will yield the best result and the best use of budget.”
To optimize a multi-cloud environment, you must first identify goals, develop a strategy which includes understanding how the cloud fits within the current architecture. Then the next step is to identify current workloads and where they live, and finally understanding what can be developed in a public cloud and can then be moved on-premise for production. “As agencies embrace AI and rely on the agility and nimbleness of DevOps getting the workload to the right place from the outset and architecting correctly – including retention policies — is the best way to optimize a multi-cloud environment,” concluded Chehreh.
Step 2: Build a Multi-Cloud Strategy That Embraces Infrastructure as-a-Service
Building a multi-cloud strategy that embraces Infrastructure as-a-Service the easiest way to manage budgets and avoid the costly overruns that come from needing to buy capacity outright upfront. In moving from a Capex model to an Opex model an agency acquires flexibility in accessing capacity and in budget. “In essence, buying as-a-Service means that you can buy what you need when you need it, rather than trying to estimate what you need at the beginning of a project and then having way too much storage on your hands, or too little and paying hefty overage fees,” explained Ciaccio. “There are other benefits too, including being able to tap into cloud experts when you need guidance, and being able to track usage and other important metrics on a single pane dashboard.”
As more data is created and stored, as data governance becomes more nuanced, and as AI applications demand that data be moved frequently between storage and production environments, the ability to have a flexible and non-punitive pricing model will assume even greater importance for agencies. The good news is that with a trusted partner it’s easy to embrace infrastructure as-a-Service and chart a smarter and more affordable journey to the cloud.
Step 3: Bake Security and Compliance in From the Ground Up
There are several ways in which agencies can layer security and compliance into their multi-cloud environments to balance the need to easily access data with the need to protect that data. It starts with buying FedRAMP-approved solutions, but it also comes back to building the right architecture. “As well as doing penetration testing on a regular basis, we also rely on automation of trouble tickets to help extend our security team’s capability,” explained Lush. “But most of all having knowledge about where data resides and where it should reside, is powerful insight.” This is especially relevant today where data leakage, data integrity attacks, and unauthorized access of data are of real concern and can also indicate more serious security issues for your agency.
But the ability to bake in security doesn’t just apply at the macro level of acquisition and pen testing. Chehreh was quick to point out that operating in a multi-cloud environment introduces the opportunity for more granular security controls. “Well-crafted multi-cloud solutions enable role-based access control and governance that denies and enforces access by user roles across the environment,” explained Chehreh. Today, where the trusted insider is just as much a threat to data integrity and security as an external hacker, having a clear understanding of who is accessing date, when they are accessing it and from where is critical to a robust security posture.
With nearly three quarters of federal government IT leaders ready to embrace Cloud Smart and move aggressively to the cloud it’s more important than ever to plan and seek guidance from partners with experience managing the complexities, risks, and common pitfalls. In leveraging industry expertise and combining it with agency-specific knowledge about goals, workloads, and data applications, agency IT leaders will be able to achieve their goals and deliver on the mission more quickly, more cost-effectively, and more securely. By embracing the cloud and the -as-a-Service model agencies optimize not only their teams’ capabilities but also their budgets. Which, in the end, opens up more opportunities for investment in cloud, security, and many other mission-critical technologies.
Want to know more? Watch the webinar for free, here.