‘Expectations vs Experience in migrating to Cloud Services’
One of the US Labor Department’s top execs, Dawn Leaf, CIO, United States Department of Labor
was a keynote speaker at CloudExpo2015 this week. The following is a precis of her key reflections to our UK audience regarding Cloud and the experiences from her part in the US government’s adoption of Cloud:
• AWS turnover at $1.67 Bn. Now shows as its own revenue stream.
• 92% of UK enterprise expected to extend their data investment. Cloud is a data reality.
US Government move to Cloud
• Started 2011-12.
• Trigger: DoL IT spend was $82bn p/a, with 80% of that cost on infrastructure and 80% of that spend being on maintenance and ops – had to change. Galvanised move to consolidate data centres and migrate to Cloud.
• Size of challenge: DoL alone has 28 agencies and its ‘mission’ affects 25m workers.
• IT services for 19,000 staff moved across 500 locations to Cloud services.
• 9 different infrastructures, none of which were standardised.
• Expectations: expectations coming out of cloud service were to create on demand self service, broad network access and elasticity.
• Challenges identified by NIST Cloud Computing Technical Roundup.
• Had to review security and compliance in preparation beforehand and review firewalls before any department could connect to Cloud.
• Recommendation that any organisation should include an Operational Readiness Test Phase in their SLAs’ to prove that they could get to cloud, as safeguard.
• Part of prep, DoL had to upgrade bandwidth and assure desktop readiness. They still had 10,000 people working on Windows XP.
• Dawn created standards and definitions for NIST (used across Gvmt depts).
• Need clearly defined roles and responsibilities for interoperability.
• If an issue needs resolving, all sides engage, no silo mentality. Frequently a 3rd party is blamed and hard to move forward in good time. Gov had issues with Microsoft, but MS put their hand up + issues with Blackberry.
• Had to review cost challenges
• Needed to estimate mailbox cost per individual vs legacy – worked out the same @ $15 p/mailbox pp.
• Had to sell change to workers to avoid unlimited archive space for staff – housekeeping.
• Issue of Sharepoint which needed to be migrated – taken step at a time: dealt with first legacy of MS Outlook – moving mail only first.
• Systems reviewed illustrated challenges – Sharepoint alone had 100 instances of legacy to map. New policy drafted around Sharepoint for new form as primary need in new structure.
• Issue of datacentre consolidation would meet two objectives in US:
• DoL managed to reduce number of datacentres by x40 in 2015. Datacentres now located in outside Washington in DC.
• Cost reductions came by checking that datacentres were ‘ready’ to be migrated.
• Changes created significant energy cost savings
• Consolidation also created significant reduction in operating costs.
• Bottom line: two security operations in two silos supported by two people were costing $200k p/a. Savings made by moving to one model.
a) Consolidation and standardisation
b) Migration needed redesigning in line with Government Digital Platform.
• DoL now have 400 x more storage than before.
• Generally lots of legacy and services to migrate – cannot move lock stock.
• Serious challenge as affected lives so had to take it step by step.
• As a Gov organisation they faced legal requirements which were non negotiable.
• Had to adhere to FISA, with additional requirements around security inputs:
o High (sensitive referenced data) – lots of these for Gov – assessed that Cloud not less secure, but the costs jumped so greatly that on cost effective basis, better to have private Cloud or private federated Cloud approach in this band to protect national impacts.
o Medium (PII falls into this category) = there were 200 – all below national levels
• Used federated map risk programme to scrutinise.
• Gov assessed that with Medium risk data – Cloud did not create an increased threat to servicing.
• The main threat to any organisation is from within – its staff. Cyber espionage whether criminal or run of the mill occurs with 000s of threats/hacks on daily/ weekly basis in US gov departments.
• Recommendation – need sound security practices
• Can take 2 years from selection of cloud partner to implementation.
• Budget and procurement cycles.
• Gov has to have back up plan to keep services going if all falls down
• Gov now has Cloud first policy – strategic decision in outsourcing.
• Closing vision piece – need more science and technology women coming through in sector. Headcount in room 5 out of 100 in theatre.
Overground underground wandering free?
Travelling to London for this week’s CloudExpo2015 at Excel, it was fascinating to do a quick spot check on the variety of devices used by commuters on the train and then the tube.
Around our section of 8 separate travellers sitting across two tables journeying on South West Trains into London Waterloo, there was a lot of technology on show. Accompanying our little sample were two Mac iBook Airs, three iPads, one HP laptop, one Lenovo Think Pad, one Windows phone, one person read the paper and one person slept. One commuter (working for a Financial Conduct Authority according to the asset label on their laptop) juggled three devices during the journey. And then somewhat alarmingly, the gentleman sitting directly opposite worked away on his laptop oblivious about the fact that laptop monitor showed a post it note confirming his antivirus, VPN setting and login. Truly further education needed about keeping a device secure, especially if it is not your own.
A short while later on the underground, there was no less by way of volume of devices. The tube carriage with 14 seats facing each other, had 10 people variously using smartphones and iPhones whilst the size of luggage carried indicated tablets, iPads and laptops were being taken along for the ride. The remaining four read the freebie Metro newspaper.
Clearly society is very comfortable today with technology, certainly more comfortable having it as a barrier to avoid engaging with a neighbour en route. The difference on show was that everything went decidedly smaller as we went underground to suit the environment and the sense of enclosed space. This reliance on technology will only increase in future as our desire to have technology whilst on the move and to stay connected ramps up. In contrast, the technology will get smaller, lighter and faster as devices and technology are completely interwoven into every part of our lives both during and outside work.