Cloud

Multicloud Management Controls Boost Visibility for State IT Managers

Once government agencies adopt Infrastructure as a Service, they face new challenges in public or hybrid cloud maintenance.

Joel Snyder

Joel Snyder, Ph.D., is a senior IT consultant with 30 years of practice. An internationally recognized expert in the areas of security, messaging and networks, Dr. Snyder is a popular speaker and author and is known for his unbiased and comprehensive tests of security and networking products. His clients include major organizations on six continents.

Once the histrionic arguments about security, control and compatibility pass, it falls to IT managers to migrate to public cloud Infrastructure as a Service. And while cloud-based IaaS offers many benefits, dramatic differences arise in how these services are provisioned and paid for compared with traditional on-premises computing models.

IT managers moving to public IaaS embrace a new management layer focused on cloud services. Things become even more complicated with multiple cloud deployments. According to Government Technology, state and local government purchases of cloud services rose from about 150 per month in 2012 to nearly 600 in early 2017, suggesting states have been adapting their IT strategies to accommodate multiple cloud service providers.

Even IT departments with a strong set of configuration management tools (and modern orchestration and automation tools) will discover that adding a second or third cloud service provider changes everything.

State IT Admins Should Make Cloud Decisions Based on Requirements

Without some type of direct control and monitoring of an IaaS cloud environment, a state IT manager is running blind and faces both security and budget risks. More important, state IT managers never have the luxury of closing their on-premises or hosted data centers and moving all workloads to a single cloud provider.

Inevitably, some workloads stay in-house, such as legacy applications on currently unsupported platforms such as Windows 2000; some applications require specialized hardware, such as tape libraries; and some applications don’t make sense to move, such as local printer management. These constraints produce a public-private hybrid approach, which complicates management of the cloud environment.

Many state IT managers also deal with multiple public IaaS providers. Shadow IT projects already up and running can be nearly impossible to move if tightly locked into services available on a single cloud provider, such as Google’s geographic information systems tools — a favorite for government application developers. Existing IT silos can also fragment IaaS choices.

Once the scope of the problem is clear, state IT managers may choose to aggressively reduce the number of cloud service providers to avoid complexity."

Joel Snyder Senior IT Consultant

For example, Windows teams usually advocate for Microsoft Azure IaaS because they believe Microsoft will better support them in the difficult task of federating and extending Active Directory to Azure, while Unix teams looking at bottom-line costs and greater application programming interface services usually support the Google Cloud Platform and similar offerings.

Manage Cloud Environment Based on IaaS Services

Add all these factors together, and state IT managers quickly discover that they are not just migrating to the cloud; rather, they are migrating to a multicloud environment that requires a new layer of management and reporting. This migration comes with additional levels of complexity, complication, cost and confusion.

Deciding how to manage multiple cloud environments comes down to a series of requirements. State IT managers should compare these requirements with their own environments to choose a multicloud management tool.

Security and network segmentation controls: At the API, virtual machine and networking levels, IT managers need to have strong and consistent security controls to ensure a uniform set of access control and traffic flow rules for everything operating in a public cloud. By using a high-layer cloud management solution, IT managers avoid human errors that may compromise security and risk data breaches.
Comprehensive reporting and budget controls: While the scalability and reliability of cloud services is a big selling point, many agencies anticipate cost savings. State IT managers not only report these savings to their CIOs, but they also keep an eye on things so that misconfigurations or runaway applications don’t blow their budgets.
DevOps integration: In traditional DevOps environments, developers may have development, testing, quality assurance and production environments instantly available at all times. In an IaaS environment, use-based costs provide incentives to keep development systems trimmed, while the outside-the-firewall nature of the systems means that developers must be aware of security at all times. So, IaaS platform management controls must be fully integrated into DevOps processes and toolkits.

Cloud Partners Can Help Build an IaaS Management Layer

Fortunately, cloud service providers and virtualization vendors support both scalability and orchestration in their products, which means that — public or private — there are APIs, monitoring points and controls in place that can build a management layer.

State IT managers may ponder whether to forgo trying to integrate multiple providers, to create a do-it-yourself management system or to jump to an emerging commercial multicloud management toolkit. Once the scope of the problem is clear, states may choose to aggressively reduce the number of cloud service providers to avoid complexity. IT managers with deployments across multiple clouds may require more capabilities, like workload management.

Migrating to public infrastructure services can bring huge benefits and help state IT managers break through capital expenditure and staffing barriers holding back service delivery. But consider cloud management complexities and develop a strategy and toolkit for handling the management of multiple clouds before rollout.

Jupiterimages/Getty Images