Socitm publishes public sector cloud adoption guide

A new report outlines the key factors behind the sometimes-slow adoption of cloud services in the public sector.

Public sector IT association Socitm has published a new practical guide for public sector CIOs into the challenges and opportunities presented by cloud computing.

According to the report, while the relatively slow adoption of cloud computing in the public sector is often attributed to public servants being adverse to change, this only paints a partial picture.

Other factors include cloud sellers overselling the benefits and misunderstanding the risks, costs and challenges of cloud adoption in a public sector context, as well as a lack of strong governance and unclear cloud adoption policies at the leadership level.

A key factor behind a successful cloud adoption strategy is understanding the various types of services available, the report states. Procurement concerns will differ depending on the service.

For example, hosted cloud platforms offer basic cloud infrastructure as a service, the report states. Procurers can assume the recognised brands are safe, secure and resilient, but must take care in managing how sensitive data is tracked and shared, and where data is located and processed.

Cloud-native applications meanwhile can be deployed and fixed faster, but CIOs will need to ensure that their team has mature methods for development and optimisation. Homegrown solutions can help address particular challenges better than even specialist solutions from the private sector, but care needs to be taken to optimise performance and security and avoid creating future legacy overheads.

Realising the benefits of cloud investments also involves careful planning and often requires advice on how to best capitalise on the investments.

These benefits include improved resilience, enhanced security, potential cost savings, sustainability improvements, greater flexibility and superior innovation.

Public sector CIOs also need to resist the temptation to attempt to do everything at once, Socitm said, warning that too many concurrent cloud implementation and transformation projects can be confusing and challenging in terms of governance, supplier management and change management.

In addition, adopting cloud computing can introduce some unique risks. But while many CIOs expect the main risks of cloud computing to be in maintaining resilience and control of the technology environment, security and data management, these fears can be misplaced, the report states.

Instead, cloud technologies commonly cause risks in areas including increased use of shadow IT, a growing dependency on internet connectivity and capacity, the lack of clear data ownership for apps, and the lack of understanding or tracking of data use — which can have regulatory implications.

The report adds that a move to a predominantly cloud model of IT requires even more careful consideration by CIOs, who can expect to face challenges in areas ranging from security to avoiding vendor lock-in, the provision of technical support, data governance issues and increased requirements for IT resources.

Another area that needs careful thought is choosing a cloud service provider partner. Socitm recommends that CIOs conduct extensive due diligence checks in tendering and selecting a cloud service.

These checks should involve an evaluation of both the vendor and its solutions — with credential checks and standards and accreditation evaluations — as well as the terms of the proposed contract, including the support for transition and migration that the vendor will provide.

Image credit: ©stock.adobe.com/au/jijomathai