Overcoming public cloud mistrust in the public sector

null

Public cloud mistrust is high in the public sector. An FOI request from SolarWinds found that 41% of central government organisations, as well as 79% of NHS trusts, do not plan to move everything to the cloud. This speaks to the many challenges that the public sector still faces with cloud adoption. The onus now falls on the GDS and technology vendors to address these issues, which are integral to enabling the public sector to put cloud technology in place. In turn, this will hasten the time to positive results and ROI.   

Investment and ROI

This is despite NHS Digital investing heavily in IT transformation. Between April and December 2017, it spent over £32 million on digital transformation consultancy services. Additionally, £23 million was spent with cloud, software, or hardware providers. Given the low rate of NHS public cloud adoption, it would seem that this investment is not reaching individual organisations. Indeed, 52% of NHS trusts report budgets as a major concern when it comes to implementing public cloud. This rises to 66% among trusts who had already implemented some level of public cloud, showing that the problems often get worse, rather than better, during the implementation process.   

This seems at odds with one of the major potential benefits of public cloud—cost efficiency. Only 17% of NHS trusts that have adopted public cloud expect to see any ROI from the technology, and 6% state they expect to see no ROI at all. This highlights an ongoing challenge that IT teams face to prove efficacy and ROI from public cloud. This is where tech vendors have an opportunity to step up with tools that offer transparency into how the cloud is producing cost-efficiencies. This is particularly important in the NHS, where budgets are tight and IT teams are under significant pressure to do more with less.

Lack of digital skills

A little further down the public cloud adoption journey, central government has felt the impact of a lack of digital skills—a concern voiced by 25% of central government organisations. While the digital skills gap is widely discussed in the SMB and enterprise space, it's important not to overlook the public sector. Science, technology, engineering, and mathematics (STEM) initiatives designed to address this should be adapted to tackle the needs of the public sector as much as the private one.   

Addressing this plays in to a change in IT department culture. IT professionals can no longer only be experts in one field. They need to perform a number of roles, and communicate and interact with both the business and IT function. It will be crucial to attract a new generation of talent to work in the public sector, which means being innovators in the digital space, as well as allocating resources for training and development. An initial investment here pays dividends when a new generation of skilled workers can lead the digitisation charge, which in turn creates new efficiencies and potential cost savings. 

Legacy technology

Finally, the NHS and central government have all previously made significant investments in infrastructures, which have inadvertently created a legacy technology environment. Up to this point, this technology has been invaluable in digitalisation, but it now forms a barrier to public cloud adoption for 65% of central government organisations and 57% of NHS trusts. Existing licences for vendor-specific solutions are creating a sense of vendor lock-in, as organisations feel they need to justify their previous investment before adopting cloud technology. 

While this may be cost-effective in the short term, in the long term it could be a costly strategy. This is the great advantage of cloud-based as-a-service offerings. These prevent legacy technology issues, such as when an upfront investment fails to deliver the longevity it promised. 

IT directors in the public sector should take stock of their digital infrastructure and investments. With the whole landscape in mind, they need to ask, "Are these delivering the flexibility and cost-efficiency we need?" The answer for many is likely to be “I’m not sure.”   

This lack of transparency stems from an absence of visibility into technology performance. Many NHS trusts (77%) and central government organisations (55%) are either unsure if they are using the same monitoring tools across their whole infrastructure or are using different tools for on-premises and cloud environments. This is a natural result of ongoing digitisation and innovation from different departments. Nevertheless, IT departments now need to consider how they regain visibility across these disparate systems. Overarching measurement and monitoring tools will likely form a significant part of this. 

Next steps and solutions

The U.K. Government and National Cyber Security Centre have issued guidelines on cloud security. However, these advisory measures do not go far enough to reassure public sector organisations that the public cloud is secure. It's easy to understand why the public sector remains reticent about the cloud. Given recent high profile security breaches, any organisation would want reassurance.  

Much like the implementation of the Cloud First policy, it is all trust and little verification. While the government may lay out best practices, there is no real initiative in place to check that these are being followed. The GDS may stand to gain from a look across the pond. The Federal Risk and Authorization Management Program (FedRAMP) in the U.S. provides one approach to security across the U.S. public sector. With a pre-approved pool of cloud service providers, the public sector can easily find trusted, secure solutions. This makes adoption of cloud services simpler, and shifts the conversation from security and assurances to innovation and meeting business needs.   

At the same time, IT providers need to make the transition as easy as possible for the public sector. A crucial part of this is monitoring tools capable of working across both a legacy and cloud environment. Using many different monitoring tools may make it difficult to create a cohesive picture of the whole IT environment. With 48% of the NHS and 53% of central government using four or more monitoring tools, this appears to be very much the case in the public sector. Technology providers need to help IT departments overcome this with solutions that link legacy and new systems into one environment. This will be integral for converting public cloud investment into demonstrable ROI, and overcoming the existing mistrust in the public sector.

Paul Parker, Chief Technologist – Federal and National Government at SolarWinds

Image Credit: Everything Possible / Shutterstock