It is best not to be hazy when you are thinking about the cloud.
Managing data through a cluster of servers (i.e. “cloud computing”) can provide very real benefits. But, before making the move, government agencies must be crystal clear about their goals and their plans for safeguarding the information.
Cloud computing can save money for agencies through economies of scale in hardware and software, and through processing charges that ebb and flow with customer demand. Such a network is also well-suited to wowing constituents with 21st century services, such as language recognition software.
All of that, however, could be undone by a hacker or some other glitch that opens up sensitive data, such as Social Security numbers or tax information, to the public.
That’s why privacy considerations are key in advance planning about moving to the cloud.
Agencies must ensure compliance with federal regulations, including the Cybersecurity Information Sharing Act, and state laws.
The most secure option is a private cloud, which is an in-house system maintained by the agency itself or a contractor. On the other end is the public cloud, which is a service open to everyone. An in-between option is the government cloud, which is a public cloud available only for government use.
The Texas Department of Information Resources provides a good model for advance planning. The agency created a cloud policy, set up enterprise agreements with major cloud providers, and created its own private cloud to house more confidential data.
One smart strategy is to start with a relatively small application, such as XXXXX, and to consider migrating that to the could at the same time it’s due for an upgrade. It’s also wise to have an exit strategy from the cloud, something you can accomplish by developing cloud native applications.
Agencies should also keep in mind that, perhaps in the next couple of years, technology will be available that will facilitate movement between clouds. That means officials should build their back-end technology with this capability so they’re not slaves to a certain cloud provider.
Done correctly, most data can go into some type of cloud.
One exception is criminal or law enforcement data. Since so much of that information is sensitive or confidential, the database would have to be scrubbed almost completely before the agency could even contemplate putting it in the cloud.
Examples of data that work best in a private cloud includes information covered by federal regulations, such as the Health Insurance Portability and Accountability (HIPPA) or the Family Educational Rights and Privacy Act (FERPA).
On the flip side, with a pubic cloud, think about a Department of Natural Resources managing a lottery for deer-hunting licenses.
This data really is not all that sensitive, but demand skyrockets as hunters try and click in for about five minutes every year. So, a public cloud would allow the agency to scale up and then back down to avoid putting so much demand on its own hardware.
E-filing for taxes offers another area where the flexibility and scalability of the cloud could come in handy, since most the demand comes right around the filing deadline.
But what if, say, an agency wanted to build a conversational application for Facebook that used artificial intelligence for language-recognition software?
That has actually been done, in fact, using the power and flexibility of the cloud to help constituents find outdoor recreation options.
Through this application, a program like Alexa or Siri might suggest nearby biking trails or a variety of other possibilities, depending upon the user’s inquiry.
On wonkier, backend side of things, the cloud also offers improvements to running monthly batch jobs. In that scenario, the agency only pays for the milliseconds the workload is using that server as opposed to maintaining a dedicated server 24/7.
Agencies should have a clear vision of how the cloud fits their goals for the present and the future. Their motivations should be around the benefits they can achieve by moving to the cloud, such as flexibility and speed. They should also think about how much ability they’ll have to innovate services.
Bottom line: It’s not as simple as saying, “Let’s throw everything in the cloud.”