Federal agencies have embraced Software as a Service delivery models for many of their core applications, from internal email to external help desk platforms. SaaS solutions can help an agency focus on service delivery excellence while relying on the vendor for application infrastructure support.
Bringing a cloud-delivered application into the agency ecosystem often involves integrating single sign-on capabilities, incorporating agency data and managing user lifecycles within the application. These all require specific integration skills.
Agencies that seek to migrate infrastructure to the cloud often find a different set of economics at play. Migrating infrastructure with little or no modification — a so-called lift-and-shift — frequently recreates many of the same problems agencies had with their on-premises applications. While this can be a viable transition strategy, unlocking the full benefits of cloud infrastructure almost always requires some refactoring. This, too, requires a specific skill set.
Click the banner below to receive featured content and cloud solutions by becoming an Insider.
A Cloud-Based Approach Means a New Way of Thinking
Refactoring applications and infrastructure to be cloud-native requires attention to new areas. Network latency and fault tolerance become greater design factors. Securing and monitoring cloud assets involve new tools and processes, and cost monitoring is essential to ensure unused assets do not continue to accrue costs.
Cloud deployments often require organizations to refactor their application stacks to incorporate DevOps principles. Infrastructure as Code tools, such as Terraform, Amazon Web Services CloudFormation and Microsoft Azure Resource Manager, allow organizations to use version control tools to automate deployment and manage changes to infrastructure over time. Container orchestration tools, like Kubernetes and Docker Swarm, allow for self-healing infrastructure that can dynamically scale and respond to changing conditions.
Unlocking these capabilities requires certain skills, but it is not cost-effective to hire a cloud architect for every project. Contracting out on a project-by-project basis likely will result in inconsistent deployments, poor integration and difficulty with monitoring security and cost across different projects. It’s better for agencies to establish a core set of competencies in cloud architecture and find a way to apply those to projects as they develop.
This is where a cloud center of excellence can help propel an agency toward cloud adoption.
CHECK OUT: Read these 7 tips for cloud migration.
CCoEs Require Governance, Brokerage and Community
A CCoE is a focal point for concentrating architectural, security and policy knowledge in a single team so that expertise can be applied consistently across the organization. The CCoE acts as an internal consultant on projects, helping plan, procure, design, deploy and support cloud initiatives successfully.
Gartner identifies the three pillars of a CCoE as follows:
- Governance defines the policies, guardrails, strategy and tooling that an organization must use to be consistent and compliant in its approach to the cloud.
- Brokerage includes the processes and standards the organization will follow to select and contract with service providers.
- Community highlights the CCOE’s role in establishing a community of practice that provides training, knowledge-sharing and change leadership to IT across the organization.
The percentage of organizations that will embrace a cloud-first approach by 2025
Source: gartner.com, “Gartner Says Cloud Will Be the Centerpiece of New Digital Experiences,” Nov. 10, 2021
The Right Stakeholders Are Key to Establishing a CCoE
Establishing a CCoE starts with support from executive leadership. It is critical to secure support from both senior IT leadership and others within the agency community. Many organizations find support for a CCoE within their procurement, legal and compliance offices because the CCoE helps ensure cloud deployments are consistent with organizational requirements.
Once leadership support is secured, it’s time to form the CCoE. Many organizations designate a chief cloud architect to lead the CCoE. While cloud acumen is desirable in this position, the most important characteristics are vision and collaboration. Many organizations engage a trusted partner for the technical aspects of their cloud strategies, but it’s essential that the chief cloud architect can provide change leadership with business partners.
The chief cloud architect should establish a cross-functional group to define and articulate the organization’s cloud strategy and standards. This group should draw from the agency IT community and should engage those who are adopting or contemplating cloud projects. In addition to defining strategy and standards, this group acts as a catalyst for the community-building and knowledge-sharing that are critical for raising the organization’s cloud competency more broadly.
Once established, the CCoE also becomes a critical component of the organization’s IT security apparatus. The CCoE will work closely with the agency’s CISO to develop processes, standards and templates that deliver compliant architecture in the cloud. Many organizations incorporate their CCoEs into their risk assessment processes. The CCoE can establish vetted architectural patterns that integrators can adopt as “inherited controls” and can also recommend or adopt specific tooling for cloud security evaluation and monitoring.
DIVE DEEPER: How federal agencies can leverage cloud for application modernization.
CCoEs Are Key to Organizational Cloud Strategy
As the CCoE matures, it becomes a natural focal point for refining the organization’s cloud strategy over time. The CCoE can work with business partners to establish key metrics required to evaluate the business impact of cloud adoption. The CCoE can also monitor the vendor landscape and help the organization understand the impact of pricing or changes to service offerings over time.
It is worth noting that the federal government has a wide variety of workloads, some of which may not be suitable for cloud adoption. For example, research workloads often require massive storage or computing resources, and the CCoE can help researchers determine when the cloud may be a good fit. Organizations with strong research missions may wish to follow Internet2’s Exploring Clouds for Acceleration of Science initiative, which examines the use of commercial clouds for research workloads.