While cloud offers governments the opportunity to leverage the capabilities of outside providers to deliver scalable and responsive services, technology leaders still have the responsibility to ensure their users can reliably access those services.
“In a hybrid work environment, there is much more demand for predictable connectivity,” says Center for Digital Government (CDG) Senior Fellow Bob Woolley, formerly chief technical architect for the state of Utah's Department of Technology Services.
That’s a challenge, as the proliferation of internet-connected services in our work and personal lives have led to the presumption that it all “just works,” says CDG Senior Fellow William (Bill) Rials. In reality, poor connectivity can create issues with latency and responsiveness that negate the benefits of cloud migration.
Among the strategies that government leaders must keep in mind:
Connectivity is a shared responsibility. As with other elements of cloud services, it’s important to understand how responsibilities are divided between the government IT operation and the cloud service provider.
In general terms, cloud service providers typically manage the service stack available to customers, as well as security issues involved with connectivity and data storage. “Cloud service providers report against SLAs [service level agreements] and alert clients to suspicious activity patterns appearing in connectivity or other hosted services,” Woolley says.
Government IT staff are responsible for a much wider range of issues, including the applications and operating systems deployed in cloud and hybrid environments —but also key points of connectivity, including on-premises and virtualized networking.
“IT staff provide provisioning for the computing environment with appropriate levels of security and access control,” Woolley says. “Local staff also make deployment and provisioning decisions for network, data and service resources.”
That division of responsibilities is one reason governments must pay outsized attention to security in cloud deployments, as many of the issues that have led to breaches — including resource misconfigurations and incorrectly applied policy settings and security controls — have fallen on cloud customers, not providers. In fact, these issues will continue to be responsible for as many as 95 percent of cloud security breaches through 2022, according to research by Gartner.1
As with other partnerships that involve shared responsibilities, opening clear lines of communication with cloud service providers is critical. “Communication and reporting between IT staff and cloud data center staff becomes one of the critical factors in rapid problem resolution and ensuring appropriate connectivity and scalability for resilience,” Woolley says.
Pursue a hybrid approach to connectivity. Just as governments often engage in hybrid cloud environments, they also take advantage of multiple avenues to connect to cloud providers.
Cloud connections can be made via the public internet, by direct network connections and through cloud internet exchange brokers, which provide direct connections to cloud service providers. Most government IT organizations take a hybrid approach to connectivity, leveraging more than one of these options, according to Woolley. “[They] will generally take a least cost approach, and could easily leverage existing private WAN services, public internet and broker services,” Woolley says.
Rethink access protocols. For both security and connectivity reasons, hybrid IT environments benefit from role-based access control (RBAC) for users. Generally speaking, these controls focus on specific sets of data instead of the systems they’re housed in, ensuring only appropriate users access different data stores, whether they are located in on-premises data centers or the cloud.
“Directory infrastructure needs to ensure role-based access control or equivalent methodologies to facilitate rapid access and scalability to authorized services,” Woolley says.
Reconfigure networks for hybrid connectivity. Networking operations must optimize connectivity regardless of where services are physically located, according to Woolley. “Classic hub and spoke designs and inflexible static routes need to be eliminated in terms of optimal routing technologies for user access to resources irrespective of whether the resources are cloud or premise-based or a hybrid,” he says.
Governments also must evaluate their network design to enable edge computing — both to support remote users and connections to cloud providers. Potential options to improve connectivity include leveraging existing fiber assets with Dense Wavelength Division Multiplexing (DWDM), an optical multiplexing technology used to increase bandwidth over existing fiber networks, and integrating services from commercial broadband providers.
“Networks need to be reimagined in favor of continuity and resilience,” Woolley says. “Network consolidation and integration of external services for both reach and on-demand resource availability is more important than ever.”
There’s also an upside for governments: Cloud provides new options for failover methodologies, redundancy, dynamic scalability and disaster recovery — all functions that were once the sole responsibility of government IT staff and can now be shifted to cloud providers for greater resilience and reliability.
Consider connectivity in service-level agreements. While many networking considerations remain within the enterprise, government IT leaders must also ensure cloud service providers deliver on the resources governments need when demand spikes.
Woolley argues that “governments should err on the side of over-provisioning” to ensure consistent service loads when demand spikes.
These considerations also work their way into service level agreements (SLAs) with cloud providers. But for SLAs to meet government needs, IT leaders must also understand the full scope of internal demands. “Governments need to be able to measure and report service effectiveness and align those results with SLAs to both providers and agency stakeholders,” Woolley says. “To achieve these goals, government IT organizations must also change, breaking down internal silos. SLAs need to reflect reality for all participants. It is not enough just to measure provider SLA compliance. Internal provisioning and network performance for stakeholders and constituents also needs to be a key part of overall connectivity performance assessments.”
Look beyond the enterprise for support. Just as cloud provides a way to leverage specialized expertise and resources, governments should consider partnering with external providers on connectivity needs, Woolley urges. “The business of government is government service,” he says. “IT is an enabler, not a primary mission. Choose deployments that create the least friction with customers and the fastest time to benefit for customers and stakeholders.”
1 https://www.gartner.com/en/documents/3850266/clouds-are-secure-are-you-using-them-securely-0
Sponsor Content
Managing Cloud Connectivity
