Cloud computing remains a hot topic for our government clients, judging from the amount of client conversations we have on this. I ran a webinar on this topic about a week ago, and there were hundreds of attendees (replay available here).
After endless debates on terminology, industry seems to have agreed on the terms used by the National Institute of Standards and Technology (NIST) to define three main different deployment models:
Private cloud. The cloud infrastructure is operated solely for an organization. It may be managed by the organization or a third party and may exist on premise or off premise.
Community cloud. The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns (e.g., mission, security requirements, policy, and compliance considerations). It may be managed by the organizations or a third party and may exist on premise or off premise.
Public cloud. The cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services.
(there is also a fourth model, hybrid cloud,which is a combination of the other three)
In the government industry, the term Government cloud (or G-Cloud) is used as a synonym for community cloud. It assumes that government organizations have similar concerns and can share the same infrastructure. Of course one could also envision multiple community clouds in government, by jurisdiction (e.g. a State cloud or a County Association cloud) or by vertical (e.g. Justice cloud or a Human Services cloud).
There is an implicit assumption that government (community) cloud is where the market is. And by all means, this looks like a very sensible assumption. Central IT government organizations at the federal and state level are looking into various forms of government clouds: this is the case in the U.S., Canada, Australia, Japan and the UK at the national level, as well as in states like Utah or Michigan, and in other regions and provinces around the world.
Vendors are very interested in exploiting this opportunity, supporting governments in the definition of their community cloud strategies as well as taking steps to dedicate part of their infrastructure to government only clients, creating something like a virtual community cloud.
However, if one looks at the behaviors of individual government departments and agencies (which is not necessarily in line with what their central IT policy masters are thinking), when it comes to cloud they usually look at:
- Less expensive solutions for commodity applications. Good examples are productivity tools or email, where there is fierce competition between Google and Microsoft (as well as IBM)and an increasing number of RFP or RFI from federal, state and local agencies, but also CRM, where companies like salesforce.com or RightNow Technologies have grown their public sector business.
- Private cloud services for mission-critical applications and data. Although some are still looking at on-premises private clouds (which are almost a contradiction in terms), outsourcing contracts for infrastructure are evolving toward private cloud-based services, where clients are given assurance about where – within certain constraints – their workloads and data will be hosted (and replicated), basically segmenting the service infrastructure into multiple either physical or – most likely – virtual private clouds
In both cases, government organizations look at how to solve their problems, establishing a 1-to-1 relationship with a particular vendor.
The whole concept of a community cloud fades away, because they do not necessarily care about who else they share the infrastructure with, but about compliance with their existing security and privacy regulations. A private cloud instinctively gives greater confidence than anything shared with alien entities, even if they are government. On the other hand, when it comes to commodity applications, sharing an infrastructure with a financial company, a retailer or another government agency makes no difference, provided – again – compliance with regulatory requirements can be ensured.
If vendors decide to provide service levels that meet all government requirements in a given jurisdiction, the fact that this is a community cloud or not makes no difference. On the other hand, for those government clients who still want to exert control and be the “only” users, private and virtual private cloud offerings will be more than sufficient.
So where does this leave the mythical government cloud? Well, actually nowhere.
Or, better, nowhere if one takes a purely user-oriented view. Then, if one looks at government as a service provider – since there are so many departments and agencies running or keeping at arm’s length their own infrastructure – things take a different spin.
A government (community) cloud is a beautiful concept to give dignity to existing infrastructure assets that are still on the government books and require internal and external resources to be maintained. It is not by chance that in all major countries where a government cloud strategy is being developed, this comes hand in hand with data center consolidation initiatives, or the evolution of shared services strategies.
So maybe the best way of looking at government (community) clouds is that they are a necessary transition toward either private or public cloud, something like an unstable state that will be maintained until market forces will drive agencies to make a choice toward either public or private cloud models.
If this looks like a stretch of imagination, earlier today I had two conversations, one with a large federal department and one with a large vendor. We came to debate the nature of government (community) cloud from different angles. The agency wanted to understand the value of a government cloud for them, and concluded that there was little to no advantage to use it over a private cloud. The vendor was asking how to articulate a government cloud strategy, and concluded that the market opportunity is very difficult to appraise, to say the least.
For how much ink is being spent on government and community clouds, it is still worthwhile to ask whether they serve any purpose and, if so, for how long.
The Gartner Blog Network provides an opportunity for Gartner analysts to test ideas and move research forward. Because the content posted by Gartner analysts on this site does not undergo our standard editorial review, all comments or opinions expressed hereunder are those of the individual contributors and do not represent the views of Gartner, Inc. or its management.
Comments are closed
2 Comments
Although I agree with you in the long term, I’m not sure I agree with the agency that you mention at the end that concluded there is no value to use a community cloud over a private cloud, there is at least one advantage: scale. Now, if you’re as big as DoD (US Dept. of Defense), or HMRC (revenue agency in the UK), you have a big enough critical mass to build your private cloud, but if you’re a smaller agency there is a benefit in joining a community cloud to achieve lower costs and higher elasticity of workloads. And as long as you’re not ready (for instance because of lack of maturity of some domain specific product) to buy from public cloud, community makes sense as an evolution for example of some shared services.
Thanks Max. In fact I would not agree with that agency either, but that was their initial attitude “Yes, there is a community cloud initiative here, but there are workloads and data we do not want to share even between parts of our same organization, so can we have a private cloud please?”.
My contention is that an alternative way of achieving scale is by using virtual private clouds from vendors. They have scale as they can leverage the same physical infrastructure across multiple clients.
The other important point, connected to the evolution of shared services, is: do you really need a cloud? Existing shared services that provide different delivery models, modest elasticity, and no pay-per-use are likely to fit the purpose of several organizations that do not have either the need or – as you say – the maturity for using cloud services.
So if you take private cloud, public cloud and existing shared services out of the equation, there is relatively little left for community.