Cloud

Complex Multicloud Environments Require the Right Tools to Maintain Efficiency

VMware is among the solutions used by the Department of Veterans Affairs and others to keep the cloud organized.

Carolyn Shapiro is a freelance journalist based in Burlington, Vt., with expertise in covering business and technology, health and science, consumer issues and the food industry.

If two heads are better than one, as the saying goes, then multiple cloud platforms should deliver better outcomes for the IT operations of federal agencies. That’s the idea behind multicloud: Different clouds with different capabilities bring the best possible solutions for an agency’s needs.

The inherent intricacy of multiple cloud services, however, poses the biggest challenge for agencies.

“As cloud adoption spreads across government, agencies often end up with a complex mix of environments and services,” explains Ranil Dassanayaka, vice president of architecture and engineering for public sector and healthcare at VMware, which provides IT services and modernization solutions for private sector and government clients.

VMware Powers the VA’s Multicloud Infrastructure

The Department of Veterans Affairs took a multicloud approach to its cloud migration beginning in 2018, using Microsoft Azure and Amazon Web Services, says Dave Catanoso, director of the VA’s Enterprise Cloud Solutions Office.

“We try to take advantage of some of the common services from both,” he says. “We also take advantage of the unique services when it makes sense for given applications that we migrate or build in a cloud.”

Multicloud “enables us to get familiar with two of the leading cloud service providers to mature our capabilities and processes, train staff, avoid some vendor lock-in and create a little bit of competition at the same time, and minimize the duplication of effort and overhead,” Catanoso adds.

DISCOVER: Find out how VMware can help your agency manage its cloud environments.

The VA’s highly virtual on-premises infrastructure is based on VMware. The agency recently built a platform on top of its current enterprise cloud system to expand that in-house infrastructure and stretch the multicloud environment to its data centers, Catanoso says.

VMware recently received high impact-level authorization from the Federal Risk and Authorization Management Program (FedRAMP) for its AWS product, and the VA is looking at VMware’s FedRAMP-approved product on Azure when that becomes available, Catanoso says.

The multicloud approach furthers the VA’s efforts to improve access for the veterans it serves. “Cloud enables a high degree of innovation and leveraging of the latest and greatest technology out there,” Catanoso says, “so we can bring that to bear to deliver capabilities to our veterans.”

Cloud Service Providers Keep Multicloud Environments Moving

The key goal in federal IT today is efficiency, especially as agencies work to update legacy systems. A multicloud approach offers no benefit if it creates more work, uses excess resources and duplicates efforts — adding to costs rather than minimizing them. Multiple clouds must work together seamlessly and streamline the interface between on-premises and cloud-based applications while keeping data secure.

“To control costs, improve operational efficiency and make the most of the technology, agencies should take a more holistic approach to managing multiple clouds,” Dassanayaka said during the FedScoop Public Sector Innovation Summit in June.

“Thinking holistically prompts agencies to proactively consider and plan for multiple clouds, while reducing the risks and costs of all the activities involved in managing, securing and governing,” he added.

Cloud service provider tools help agencies manage multicloud environments and broaden their view of “the entire lifecycle of cloud operations,” Dassanayaka says.

This improves efficiency and effectiveness while increasing flexibility to run resources and services anywhere, he says. Agencies can then speed up projects and push out software faster — when, for example, an entire workforce must shift to remote work during a pandemic — without sacrificing performance.

“For each CSP, we leverage some of the cloud-native tools they provide to do things like manage the security and migration of applications into the cloud,” Catanoso says. “At the same time, we also stood up several tools outside the CSP to perform things like governance, performance monitoring, security monitoring and various forms of other management services.”

One tool, Turbot, monitors cloud service configuration settings to make sure they comply with VA policy. “If application teams make a change that they’re not permitted to make, Turbot will detect that, and then we can have it automatically correct the setting on the fly,” Catanoso says, adding that the agency takes that step cautiously. “But that does provide us a degree of security.”

Another tool helps the VA monitor dynamic applications and channel artificial intelligence to its operations teams for software running in the cloud — “a very ephemeral environment,” Catanoso says. The agency plans to expand that tool to on-premises applications as well.

Cloud-enabled Software as a Service solutions range from Microsoft Office 365 for the VA’s virtual desktops to Salesforce for low code/no code applications. The CSPs also provide SaaS, such as Amazon’s database connector, Catanoso says.

EXPLORE: A new federal cloud marketplace is in store for agencies.

Multicloud Environments Require Stronger Safety Measures

Data protection is fundamental, and a multicloud environment should help close security gaps rather than create holes where danger can creep in. The General Services Administration set up FedRAMP in 2011 to standardize security and risk assessment for cloud services deployed across the federal government.

Once a CSP receives FedRAMP authorization for the security protocols around its offering for a particular agency, any other federal agency can put that product into use without going through the same review, helping to accelerate the adoption of cloud computing across the government.

“From a security perspective, agencies will be able to support a multicloud environment through understanding the uniqueness between clouds as a key to securing them,” Christina Wilkes, a GSA spokesperson, says.

“Successful agencies supporting a multicloud environment have the opportunity to centralize much of the multicloud process, from procurement to security,” she says. “Centralizing the efforts allows business units to focus on their mission, while allowing experts to provide support to those businesses units.”

Brought to you by: