Last week I was at a large government agency with a large IT shop, running its own data center, and currently piloting an internal private cloud for infrastructure as a service (network, virtual machines and storage bundled together). They wanted to discuss whether they had made the right architectural choices and how to move from pilot to actual deployment.
I asked them what was the business case behind developing their own cloud, and they answered that they needed to better utilize their resources, given the significant workload variations in their business. Since they have already almost completely virtualized their data center, I asked what was the additional value of moving toward a full-blown cloud solution and whether they were contemplating some form of cloudbursting, i.e. the use of external cloud services, in order not to size their infrastructure on the peak requirements. They answered that they have very stringent security requirements, and therefore they cannot contemplate any external services.
Since this particular organization publishes lots of public open data, I asked whether they were considering public cloud services for that at least, but they seemed to be unwilling to go that way, even if they admitted that they could not see any regulatory impediment to do so.
It is no uncommon to find government IT organizations that are not looking at cloud as an opportunity to revamp their sourcing strategy, but more as a means to brush up their internal services. Doing so, however, they risk making their services much easier to compare with externally-provided services, and unless they are really good or draw clear boundaries around what cannot be externalized for security and data sovereignty reasons, they may find themselves in an uncomfortable position relatively soon.
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.