Story image

The silver lining in Australia’s Government cloud strategy

26 Mar 2019

Article by Macquarie Government managing director Aidan Tudehope and Mesosphere co-founder Ben Hindman

Cloud has been a huge part of the ‘digital transformation’ conversation within Australian government during recent years.

Through initiatives such as the Digital Transformation Agency’s (DTA) Secure Cloud Strategy, the Australian Signals Directorate’s Certified Cloud Services List, and cloud-based platforms made available for different agencies, the Government is promoting a cloud-first strategy that aims to create a secure and better environment for digital initiatives to work.

The need for this is simple – agency-owned data centres or server rooms as we know them are becoming a thing of the past. Leading analyst firm Gartner expects that by 2025, 80 percent of enterprises worldwide will have shut down their traditional data centre – versus just 10 percent today.

Cloud can take the babysitting and firefighting of ICT infrastructure out of application delivery and digital services, and enable faster connectivity, scalability and speed – all vital in the forthcoming era of 5G, Internet of Things (IoT) and all the other more advanced technologies and applications that will or have become part of daily workflows.

So why are we failing?

Despite the promises made by cloud, digital transformation in government organisations is struggling. A recent survey by market research firm Colmar Brunton highlighted that three-quarters of Australian government organisations reported significant failed IT projects, with many saying between 20 and 40 percent of projects failed.

These issues weren’t confined to government. Other industries also demonstrated high rates of failure, but, overall, government agencies rated their digital maturity as lower. Further, research from Macquarie Government shows that agencies’ approach to cloud is still very tactical, with insufficient attention on opportunities to enable organisational change. It seems government is falling behind rather than setting the right example for other industries to follow.

Security is another concern – the same report from Macquarie shows agencies have struggled to implement appropriate security controls across their IT environments, despite recognising that cloud can actually enable better security.

Failed IT projects bring a considerable cost – often to the tune of millions of dollars – not to mention the reputational damage they can garner among citizens who suffer as a result.

The damage doesn’t stop there – these projects failing mean we’re missing out on the benefits of true digital transformation and potentially falling behind in the global digital race.

Without successful investment in areas such as big data analytics, DevOps, app modernisation and intelligent resource pooling, we may miss out on the technologies of tomorrow and all the benefits they can bring.

Changing our attitude to cloud

There are a number of issues that can be the difference between whether an IT project fails or succeeds, the major ones being budget and relevant skills within the organisation – issues that aren’t going away any time soon.

But there is another that can be easily managed that would also improve the other two and that is a new approach to cloud technology.

The Government and DTA are not wrong to place such a huge focus on cloud – however, it’s important to realise cloud is not a commodity or single-type service – the plethora of different cloud platforms in existence today can be intimidating, and it’s a fast-growing list.

Not all of these are fit for purpose for applications government organisations need. No one cloud platform could service all of these needs anyway, particularly as the landscape changes so rapidly.

For example, many Government organisations go big on public cloud – a system where the organisation simply rents the IT infrastructure it needs when it needs it, rather than investing in its own. This has notable advantages – it removes the need for costly up-front investments in infrastructure that can become out of date quickly and takes the costly, and often painful, process of managing a data centre on site.

But with public cloud comes issues too – firstly data that enters public data centres is subject to being kept in other jurisdictions. Global cloud providers have given assurances that Australian governments’ sensitive data will reside within Australia, but doubt remains over whether ‘follow-the-sun’ public cloud support services permit data access by uncleared technical staff overseas. This is simply not an option with sensitive workloads and data governments hold as a matter of course.

Secondly, public cloud is easy to get into, but difficult to get out of – many organisations report cloud ‘lock-in’ by customising or developing apps within a public cloud provider’s proprietary development platform. Getting out of it can be extremely costly and complicated. Additionally, a growing number of agencies that use public cloud services report ‘bill shock’ as unexpected service consumption has depleted budgets early.

There is a need to balance use of the public cloud with private cloud, which in modern times can effectively deliver the same result but under the control and supervision of the organisation it serves – enter hybrid cloud.

Research from top analyst firm IDC indicates hybrid cloud (a successful combination of both public and private) will take its place at the helm of cloud services with almost 50 percent adoption in Australia by 2022.

Further, there are new technologies available now such as containers that can simplify the once complicated process of actually moving applications between different environments – this means everything can be seen on one interface and applications and workflows can exist in the most appropriate and cost-efficient environment at any time.

Hybrid and the use of these technologies have the power to put choice into the government digital transformation strategy. It means agencies can choose which cloud environment, public or private, to run workflows that is fit-for-purpose and has security controls comparable with the data’s sensitivity.

This can provide a rock-solid environment for organisations to run IT projects, and through automation and maximising resources government agencies can even save money and free up the limited IT resources.

Adopting a hybrid approach is necessary to dramatically improve the ratio of success-to-failure in government IT projects and changing digital transformation from a conversation to something that truly works for the government and citizens alike.

Tech Data to distribute Nutanix backup solution in A/NZ
Tech Data will distribute HYCU Data Protection for Nutanix backup and recovery software to their network of partners across Australia and New Zealand.
Veeam releases v3 of its MS Office backup solution
One of Veeam’s most popular solutions, Backup for Office 365, has been upgraded again with greater speed, security and analytics.
Too many 'critical' vulnerabilities to patch? Tenable opts for a different approach
Tenable is hedging all of its security bets on the power of predictive, as the company announced general available of its Predictive Prioritisation solution within Tenable.io.
Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.
McAfee announces Google Cloud Platform support
McAfee MVISION Cloud now integrates with GCP Cloud SCC to help security professionals gain visibility and control over their cloud resources.
WatchGuard announces A/NZ partners awards
Four Australian companies were named partner award winners at the WatchGuard conference in Vietnam.
Telstra’s 2019 cybersecurity report
Cybersecurity remains a top business priority as the estimated number of undetected security breaches grows.
Why AI and behaviour analytics should be essential to enterprises
Cyber threats continue to increase in number and severity, prompting cybersecurity experts to seek new ways to stop malicious actors.