Next steps to the cloud
Cloud computing is not yet mature enough for use in government but the Public Service is preparing for its eventual implementation.
Government strategies often declare themselves to be the last word in policy: the completion of a round of research, discussions and consultations. Not so with the cloud computing strategy which sees itself as part of a bigger conversation where the Government has no “monopoly on good ideas”.
The implication is that the sector must continuously innovate and improve, as part of the drive to make Ireland a world leader in cloud computing. Suggestions for improvement are welcome (via email) at cloudstrategy@per.gov.ie
This reflects the cloud’s ongoing evolution as a technology. Indeed, trials commissioned by the Department of Public Expenditure and Reform found that while cloud is efficient and can make savings, it is not yet secure or reliable enough for public sector use. The Government is therefore taking the incremental approach adopted by other administrations in Europe, North America and Australasia.
First and foremost, it has a duty to protect the data of all 4.5 million residents in the State. Minister Brendan Howlin launched the strategy for the public service in July, after two years of planning. It also follows on from the e-government strategy published in April.
In taking this forward, Howlin and officials want to ramp up the efficiency of government ICT, through cutting the number of computing facilities, data centres, overall costs and the ICT workforce.
The purpose of public sector ICT, it makes clear, is to support the effective and efficient delivery of public administration and services. ICT, by its nature, is cross-cutting and its uses range from mission-critical functions in justice and health to the enabling role played in other services (e.g. social protection) and back office shared services.
Value for money is the Government’s main message to the private sector, and is also one reason for the ongoing consultation. The State aims to use external service providers but also press them to keep charges low, given the pressure on public finances.
Drivers for change include the consumer-orientated design of new technologies (as seen in smart phones), which result in citizens expecting a higher level of service in an ever-reducing period of time. ICT infrastructures are likewise becoming more sophisticated and complex. This increases pressure on Public Service staff, many of whom also face redundancy.
Full outsourcing to the private sector, though, is not an option. The Public Service “has and will have a continuous need for personnel” but the nature of their work is likely to change.
Several public bodies, for example, are already transferring their infrastructure to data centres run by the Department of Agriculture, Food and Marine and the Revenue Commissioners. The next step will be to set up a regional network of smaller data centre sites (probably less than 10).
No major reduction in the actual amount of equipment will take place but running costs will be cut e.g. in lighting, power and cooling. Providers are asked to factor this into their metering and pricing models.
Single-organisation private clouds will only be approved where a solid business case is put forward and the customer has a specific, unique requirement for that service. Public and community clouds are therefore prioritised.
A public cloud is seen as most appropriate for public-facing and non-sensitive activity, and related pilot projects. Practical examples could include data release, online surveys and the front-end functions of apps. It could also help to cut the capital investment costs of ICT trials.
The department’s Centre for Management Organisation and Development (CMOD) will develop procurement frameworks. Separately, the Chief Information Officer Council will draw up guidance for public bodies e.g. on specific assessment criteria and the importance of comparing procurement exercises.
Behind the scenes, the Public Service will need its own community cloud i.e. providing infrastructure as a service (IaaS). Users will be able to connect through the Government Networks (GN) system, a private, managed, wide area network established in 2007.
The strategy anticipates that IaaS will be housed in public sector-owned computer and data centres but will use infrastructure provided by a framework of private sector IaaS providers. Public bodies will therefore have a choice of provider but be assured that their data will not move outside the system.
A move to private sector data centres may be considered but only if companies pass a risk assessment, based on the strict standards expected and the need for value for money. The implementation process (see box) will become more complex as it develops. Most services will be deployed by phase III but the next two phases would take a considerably longer amount of time.
Internal processes vary greatly across the Public Service. Mission-critical systems are procured for the long term and only changed when they need to be redeveloped.
The “very considerable aggregation” of public sector ICT will provide the necessary economy of scale for the private sector. The industry’s representative group, ICT Ireland, has supported the development of the strategy and cloud computing in general.
“For Ireland to become a global leader in cloud technology, it will be important for government to take the lead as a user of cloud computing,” Director Paul Sweetman has said. “Ireland is well-placed to take advantage of the cloud. We have the perfect mix of data-centre infrastructure, software developers and a growing user base of cloud services. ICT Ireland is keen to support the work of this new group where needed.”
Phase | Tasks | Potential examples | Duration |
I | Initial evaluation and provision of infrastructure as a service (IaaS) | • Increased use of data centres | Within 1 year |
II | Deploy a range of centralised, multi-tenanted infrastructural services | • Firewalling • Filtering • Anti-spam/virus solutions |
Within 2 years |
III | Develop pilots, proofs of concepts and live implementations, including platform as a service (PaaS) | • Database services • Dynamic disaster recovery • Virtual desktop infrastructure |
Over 1-5 years |
IV | Expand the IaaS with software as a service (SaaS) solutions | • Analytics with sensitive information • Content sharing technologies • Document and case management |
Over 1-5 years |
V | Migration of existing legacy and mission-critical systems from traditional platforms | • Emergency service ICT • Archives |
Over 1-10 years |