Commonwealth pushes public cloud by default - Techies Updates

Breaking News

Saturday, February 10, 2018

Commonwealth pushes public cloud by default

Spruiking a public cloud-first approach, the Australian government has lifted the lid off its new Secure Cloud Strategy.



The Australian government has unveiled its new Secure Cloud Strategy, lighting a fire under the agencies yet to embark on a transformation to the cloud by offering a guide detailing the foundations for "sustainable change".

The Digital Transformation Agency (DTA) developed the new strategy [PDF] but said many agencies will need to change the way they operate to make the most of it.

"In the Australian government, a number of factors can get in the way of agencies realizing their cloud aspirations, from a shortage of knowledge and experience, decades old, stubborn operating models, and a struggle to sell the case for cloud across the business," the strategy explains.

"This is not a simplistic 'lift and shift' view of the transition. Instead, the strategy aims to lay the foundations for sustainable change, seizing opportunities to reduce duplication, enhance collaboration, improve responsiveness, and increase innovation across the Australian Public Service."

Expected to be a guide for government entities to develop their own cloud strategies from, the strategy explains cloud implementation will be guided by seven principles, including using public cloud services as default.

"The public cloud market offers a broad range of services and providers that enable agencies to keep their technologies and business processes up to date," the strategy explains. "Public cloud can provide fast and competitive options for agencies.

"Agility comes from models that leverage standardized cloud technologies."

It adds that agencies must source as much of the service through the cloud as is "practical and feasible" for any new or emerging business capability or modernization of existing services; and where the cloud cannot be sourced to meet the capability, agencies must approach their own developments to be cloud-enabled.

The strategy also asks agencies to make risk-based decisions when applying cloud security, design services only for the cloud and avoid customization, use as much of the cloud as possible, take full advantage of cloud automation practices, and monitor the "health" and usage of cloud services in real time.

"Agencies must design all new or modernized ICT services as cloud-native, or cloud-enabled," the strategy continues.

The first step, according to the guide, is to begin a cloud journey with low complexity services and progressively "maturing" the approach to add medium complexity services, reiterating again to opt for an off-the-shelf service, rather than a bespoke one.

However, high-complexity services, described as often being legacy ones, may require bespoke products, as they are difficult to shift and often hold significant volumes of sensitive data.

"Agencies will also need to plan the modernisation, migration, network, skilling, and service management capabilities needed to integrate cloud services into their environments," the strategy says, highlighting also the importance of preparing budgets.

The strategy also comprises a handful of initiatives, with the first requiring agencies to develop their own cloud strategy.

The second initiative requires agencies to implement a "layered certification model", asking the government to not forget the cloud certification elements of using vendor solutions.

The Cloud Services Panel, a whole-of-government panel established in 2015 to support agencies in procuring cloud services, allows agencies to request quotes for cloud services without going to tender.

The recent ICT Procurement Review found some suppliers and agencies believe there are too many panels that are not refreshed often enough, limiting access to newer and more innovative suppliers, including SMEs and startups.

Itemised under initiative three, the new strategy says cloud service procurement will be aligned with the review recommendations.

As part of an agency's cloud strategy, it must create a dashboard to show service status for adoption, compliance status, and services panel status and pricing; while another initiative asks government entities to create and publish a cloud service "qualities baseline and assessment capability".

The DTA also wants the establishment of a whole-of-government cloud knowledge exchange to allow agencies to work with one another and reuse common capabilities for their cloud adoption and use.



No comments:

Post a Comment