Where Is the State Government Cloud Market Now?
The study found that 89 percent of states reported hybrid cloud as their ideal cloud state. According to the report, 44 percent of states describe the use of an external cloud broker, and the services are most often used to manage Software as a Service and Platform as a Service cloud environments.
According to the study, 54 percent of state CIOs say their state budget offices prefer an OpEx (operating expenditure) funding model for cloud. CapEx (capital expenditure budgeting) is generally seen as an inhibitor to effective budgeting for cloud services.
“The budget office still needs to evolve their model and has not kept up with the changing reality of cloud — budget procedures and standards set up to support the financing of capital expenditures are not flexible enough to support budgeting for cloud services,” the report notes. “The future CIO will be buying services more than making capital expenditures and this should be considered as states expand financial governance. The financial risk for ad hoc adoption of cloud services without a plan can result in variable costs that can exceed a fixed budget.”
An OpEx model offers flexibility and scalability for state agencies, but it comes with risks. “As demand for services increases and decreases (with close monitoring of that consumption relative to the planned budget), a mature cloud organization will have controls in place that effectively match resources to that demand,” according to the report. “There should be no surprises if the forecasting models used to create budgets for cloud services are effective. As appropriate, these forecasting models need to be reviewed and updated.”
State CIOs also report that cybersecurity management is a key barrier to cloud adoption, which is not an unfounded concern, since ad hoc use of cloud services can lead to security risks.
According to the study, 66 percent say their states have a process for managing cloud-related privileged permissions, and 63 percent say that cloud-related logins and access activities are monitored. The report advises states that “cloud native cybersecurity measures can help to mitigate some of the risk.”
What Can State IT Leaders Do to Increase Cloud Adoption?
In something of an understatement, the report notes that states are adopting cloud in a “deliberate and cautious fashion,” which “leads to mixed results, as the cost savings, scalability and flexibility the cloud operating model provides are not being fully realized, while the more deliberate and cautious approach reduces risk.”
The report advises that states conduct assessments to understand what their cloud capabilities are.
“Do states have the right resources in terms of people, process, technology and funding?” the report asks. “Building a plan that assumes you do, when in fact you don’t, will only waste valuable and typically limited resources and result in not realizing the benefits that the cloud model offers.” The report includes a self-assessment tool for IT leaders to use to judge their level of cloud maturity.
New cloud service capabilities are proliferating, the report notes. “New cloud broker services exist, new cloud access service brokers abound and new functional niche cloud providers appear regularly,” according to the report. “The expanding number of services and interdependencies among these services add complexity state governments must address through a new discipline for managing and operating an enterprise-wide cloud portfolio that can deliver needed government as a service.”