Four Cornerstones of a Cloud Smart Environment – GovTech

As “cloud smart” emerges as the dominant model for enterprise IT, technology leaders are recognizing the value of selecting the right environment for each application and its data, whether in an on-premises data center, a dedicated private cloud or in one of many environments that network providers offer. While this is an intelligent approach, the resulting complexity of managing multiple cloud providers can create headaches for government technology leaders.

“We’ve moved from our comfortable four walls of the enterprise. … Suddenly we have a host of applications living in a lot of places,” says Marcus Moffett, Cisco CTO for the U.S. public sector. “This becomes really daunting.”

Making the transition to a hyper-distributed cloud environment requires technology leaders to embrace a new approach to IT management. What follows are four strategies that can operationalize a cloud smart environment for governments, their workforce and their constituents.

Adopting Software-Defined Networking

Managing different cloud hosting providers results in IT staff getting bogged down as they develop different operating models for each one, Moffett says.

Software-defined wide area networks (SD-WAN) can automate and abstract the intricacies and differences among different cloud environments and providers, creating a simplified and unified cloud operating model that breaks down silos. The shift allows IT staff to manage disparate services as one elastic network in which computing resources can scale depending on needs.

Software-defined networking is sometimes referred to as “infrastructure as code,” and in many ways, the networking transition mirrors the DevOps environment that has become the predominant way applications are developed, delivered and then iterated.

“You can move quickly because you’re using one operating model over multiple environments,” says Mike Witzman, Cisco systems engineering director for U.S. state, local, and education (SLED). “That’s the best flexibility you will ever get managing security, agility, cost—all the things you’re tasked with factoring in all come into the equation.”

Gaining Full-Stack Observability

As government employees and constituents have become savvy cloud users in virtually all other areas of their lives, “the bar is high on the services” governments provide, says Witzman—with reliability at the top of the list of expectations.

“We’re delivering critical services—much of it isn’t nice to have; it’s a must have,” he says.

To ensure that technology staff has a complete sense of how different applications are delivering services to citizens—as well as across applications in the form of data exchange—new network technologies provide a common view of application, network, infrastructure and user behaviors. Leveraging AI-powered analytics and automation, full-stack observability can help proactively identify and resolve issues and break down silos in complex IT environments.

“We tend to work in our silos and every team has its own tools—database administration, web administration, network administration,” Witzman says. “How does that all mash up so I can see across the entire hyper-distributed environment with a common language and connect the dots to see how things relate to each other in this new complex world? Full-stack observability is how we tame this new world that’s coming in.”

Scaling Secure Access

In a hyper-distributed environment, the goal remains the same: “Getting users from where they are to where they need to go,” Witzman says. However, the number of edge points can explode across multiple cloud environments, mobile access and expanded citizen services. “We’re in a multi-threat world, so you have to protect users everywhere they are,” Witzman says.

One key to successfully scaling secure access is to develop a common, centrally managed security policy and implement it across the distributed network. Cloud-delivered secured internet gateways and software-defined networking can extend a single access policy across multiple cloud environments. “We have moved to an architectural approach from a siloed, product by product approach,” Witzman says.

New regulations governing security for certain types of sensitive data at the federal and state levels—including FedRAMP and the emerging StateRAMP guidelines—are also putting greater scrutiny on governments’ service providers at the same time as they are managing multiple clouds and companies. “Every time you add a service provider in your service chain, you have to [verify] they have good cyber hygiene,” Witzman says.

Despite the growing complexity, the primary cause of breaches remains lost or stolen user credentials, so approaches like Zero Trust and multifactor authentication (MFA) remain the first line of defense. At the same time, it’s also essential that these measures are simple for end users, Witzman stresses. “When we make it easier for the user to do the secure thing, they do the secure thing,” he says. “When we make it harder, they write their passwords on sticky notes.”

Changing the Cloud Climate

In each of these areas, new technologies are abstracting the underpinnings of hybrid, multi-cloud environments so they can be viewed and managed as a single network. That’s a significant technological shift, and it can challenge IT staff in new ways.

“That’s not an easy transition for us to make,” Moffett says. “A lot of people put IT modernization in the context of the technology, but the bigger idea that needs to be underway is the culture of IT modernization—and the people piece.”

The challenge is that staffers tasked with different responsibilities—networking, storage, databases, applications and security—will see their roles shift. “When you think about a workflow, you’ve typically had the applications people do one job, and the security people do another job,” according to Moffett. He predicts that the transition will be similar to the one which took place with telephony as voice over internet protocol (VOIP) replaced twisted copper wire. “The roles start to bleed and morph into a common role because everything’s delivered over a common infrastructure,” he says.

While that culture shift can be daunting, it’s a vital step to ensure that cloud smart strategies wind up being a smart move for government IT. “When we adopt and lose control, we’re setting ourselves up for failure,” Witzman says.

To learn more, view Empowering Your Operations with a Cloud Smart Environment, a Government Technology webinar, with Moffett and Witzman here.

To see how Cisco is helping governments connect, secure and automate the next generation of cloud through automated software solutions and insights visit www.cisco.com/go/cloudready.