Deploying a hybrid national cloud is a great idea for any government agency that wants to trim costs, improve worker efficiency, and deliver better services to citizens and businesses. But where to begin? If you deal with a lot of data—and what government agency doesn’t?—I recommend three preliminary steps. In fact, take these steps whether or not you’re moving to the cloud, because knowing your data and how it’s used is the key to making good decisions for sharing it, securing it, and putting it to work in the cloud or anywhere else.
Step 1: Know your data
Understanding your data is essential to classifying it, and classifying it is critical for matching it with the right cloud service. First, identify the security needs of your different data types and understand the role your data plays in mission-critical operations. While data classification is a best practice for every data center, it’s absolutely essential to making a hybrid cloud model work. A thorough assessment will help you figure out what percentage of your data can be moved to a less expensive public cloud service and which data sets need to be secured behind your firewall in a private cloud.
Step 2: Know your applications
Equally important is knowing how your data is used. Whether you deliver services and information to citizens, interact with other government entities, or deal with private businesses, it’s vital that you understand who needs to access your data, when, and why. Based on that knowledge, you can decide whether to make workloads, programs, or data sets available in the cloud. Nuances matter here. For example, a “low-security” application might seem right for a public cloud, but if it performs a high-priority job or delivers emergency services to citizens, it should probably reside on a private cloud in your on-premises data center. Either way, pay attention to service-level agreements so you get—and pay for—just the right level of support, no more, no less.
Step 3: Choose your provider carefully
The consequences of not fully understanding your data and applications can be significant. At the very least, you might overpay for services you don’t need by putting non-essential data and applications in an overprotected private cloud. Worse, you might under-protect sensitive data in a public cloud, opening the door to liabilities, lawsuits, and noncompliance penalties if the data is compromised. Your national cloud service provider will help you make the right decisions about your data, so take the time to choose the right one. I created a six-point checklist that every government should follow when choosing cloud service providers.
We’re heavily invested in hybrid cloud solutions at Microsoft. We can’t imagine governments and businesses operating in a sustainable way without them. What about you? Leave a comment here, and tell us how private, public, and hybrid clouds fit into your future.
Have a comment or opinion on this post? Let me know @Microsoft_Govhttp://twitter.com/microsoft_gov. Or e-mail us at firstname.lastname@example.org.