These days, citizens and businesses expect to interact with their government departments and agencies the same way they interact with eCommerce services – and governments want to deliver!
One significant way to make digital services more responsive and accessible is to put them “on the cloud.”
But that’s not always a straightforward process. There are many things to consider when making technology changes – particularly in government.
Here’s an overview of what to consider when planning and implementing a move to the cloud.
Why Move to the Cloud?
First, let’s cover the most basic question: Why should your agency even consider moving to the cloud?
The four top values of cloud adoption we see today are:
- Improved citizen services and engagement experience
- Better access to better data for leadership decision support
- Increased speed of, and opportunities for, innovation
- Improved employee satisfaction
There’s a chance your agency is feeling some pressure to move to the cloud. Maybe your software provider(s) are ending support for on-premise apps, for example. Or maybe you’re in a region where they’ve mandated cloud adoption.
Either way, it’s a good idea to identify your “why” and get it in writing. It will become the driving force behind planning and implementing your move and getting your organization on board.
If you’d like to dig into these topics, we have several posts on the Vision33 blog.
Technology and Integration
Now that you have your “why,” it’s time to dig deeper. What, exactly, are you going to have hosted on the cloud?
You don’t have to move everything at once or even implement new “cloud-native” applications. In some cases, like a “lift and shift,” you’ll simply be copying and connecting an existing application from your on-prem servers to a cloud server.
Most likely, your move to the cloud will be gradual – and that’s great! It’s vital to follow the path that’s right for you. Here are critical questions to ask yourself and your hosting provider or consultant:
- Which software product(s) are you migrating from and to?
- Is it a new application, the SaaS version of your existing application/platform, or simply hosted off-prem?
- Which functional workflows are affected?
- Which integrations are affected? Which should be created or discontinued?
- Is an IPaaS required for ongoing integration management? (For example, saltbox.io.)
- Which customizations will be affected? Can some customizations be eliminated?
- Is system administrator access available to the new application? Is it still required?
- What is the vendor’s business continuity and disaster recovery process? Is it aligned with yours?
- Are there “nice-to-have” systems you can integrate now that weren’t available before?
It’s smart to consider what “change management” you’ll need before moving to the cloud. Preparing to manage the changes that will affect your user community – from staff to citizens – is critical to a successful project.
Start by identifying your users (internal and external) and determining how the changes will affect them. Will they need a new login? Will they need to learn new workflows or processes? Are there potential benefits of moving to the cloud they should know?
Communicate the plan (including your “why”) early, and engage people. The more involved people are early on, the more they can contribute and adapt to the changes.
Here are other questions to ask:
- What are the differences between the old and new applications?
- How will your IT department and agency partner motivate and support users through the change?
- How much manual processing is being moved to digital workflow for internal users?
- Are there efficiencies being gained through an optimized digital workflow?
- Are there new functionalities and/or workflows being introduced?
- Have you surveyed your public users for their feedback on existing pain points and/or suggested improvements?
- How will users access the new application?
- What training will be required, for whom, and when is it best delivered? (Don’t forget your IT support team(s) that may also be adjusting to new work models.)
We’re seeing more examples of ransomware and denial of service disruptions wreaking havoc in the public sector. The threat of hacking and the sophistication of attacks are only increasing, which is why it’s critical to make sure your systems are secure.
Fortunately, many cloud hosting providers have extremely robust security protocols with dedicated professionals who maintain them on your behalf. But these services come at a cost, so ask these questions to help you determine what’s appropriate for you:
- Which existing security protocols might affect this initiative?
- Which security protocols need updating because of this initiative?
- How is user management implemented?
- Which security features are available in the new application?
- What is the auditing functionality of the new software?
- What is the provider’s track record with security?
- How is your data protected? Is it in AWS, Azure, Google, or another cloud?
- Are there SOC 02, ISO, or other compliance processes to align with?
- What is your incident response plan for security incidents?
- What is your provider's incident response plan for security incidents?
Public sector services are highly regulated, with lots of rules, policies, and expectations. That means any software you implement – and its hosting solution – must meet these regulatory guidelines.
While you likely have a good sense of your requirements, it’s helpful to list them in one place. Here are a few questions to help you:
- Does the information management model align with ATIPP, FOIA, or other access-to-information requirements?
- What is the data residency requirement?
- Is PCI compliance a requirement?
- Do all application features comply with accessibility and/or ADA guidelines?
- Which statutes, regulations, or policies must be considered?
- What will the software provider expect to use certain data for?
Ask these questions when procuring software, so you won’t hit regulatory snags in the future.
It might seem strange to have a section called “Project Success” because if you follow the other steps, you should succeed – right?
Well, at Vision33, we’ve spent many years learning what can make or break IT projects. It often comes down to small details like how often you meet with the implementation team and who’s in the meeting.
Here’s a list of sometimes-overlooked questions to ask and details to cover when embarking on a cloud application implementation project:
- What is the established program governance model?
- Which executive-level decision-makers will participate in regular project governance?
- Are other initiatives – in IT or the departments and agencies – occurring that could affect the participation level of your key SMEs and the timing of a rollout?
- What are the project environments? I.e., are there development, test, and production environments? What is the right environment to support effective user acceptance testing (UAT)?
- Have you identified dedicated departmental UAT participants?
- Are users currently tracking data outside the main system? If so, how will that data be incorporated into the new solution?
- What is the one source of truth for the current project plan?
- Which departments or agencies will be rolled out first and why?
- What are the minimum “go-live” criteria?
- Should you create a post-go-live stabilization and enhancement project?
Because IT projects are usually complex and have long timelines, it’s essential to make sure agreements are well-thought-out, with all the i’s dotted and t’s crossed.
It's difficult to predict every possible scenario, so here are questions you can ask based on Vision33’s years of experience with a variety of projects:
- What does an end user license agreement (EULA) draft contain, exactly? What limitations will you have to accept in a cloud environment?
- What are the annual price increases?
- What happens if the provider gets acquired, sold, or winds down business operations?
- What feedback is available from an internal legal review of contracts?
- What happens when the application doesn’t operate as promised?
- What service elements do you expect or need (e.g., response times) in the service level agreement (SLA)?
Read the fine print and leverage your legal resources!
The bottom line is critical in any decision your agency makes; however, there are unique aspects to cloud hosting you should consider.
For one, the bandwidth your applications use affects the cost. If you go through a slow period with few users accessing an online service, it will cost less than during a peak period or spike in usage.
Cloud offerings often offer flexibility in ending contracts. But how realistic is that scenario, and what are you effectively going to be tied to?
- What are the new software cost units based on? Users? Enterprise licenses?
- What types of user licenses are available?
- How many, and what kind of, licenses do we need?
- Are costs monthly, annual, or otherwise?
- What are the price per user and the total price overall?
- Which third-party services costs will be required?
- Which internal costs will be assigned to this initiative?
- Which annual budgeting processes need to align with this initiative?
- What is my 5, 10, 15, or 20-year total cost of ownership budget for the new solution?
This list of questions isn’t exhaustive, but it provides a good framework for your agency to make a thoughtful decision about moving to the cloud or adopting cloud services.