What We’ve Learnt About Government & Cloud – Challenges & False Assumptions

Deploying new services in the cloud requires new deployment models. As things near completion and time pressures mount, issues arise. Security and platform challenges take time and specific cloud expertise to resolve. Errors can happen and approvals slow things down. Sometimes there’s no tried and tested rules to use as guidance.

It’s why we’re working with government teams to smooth this journey to cloud, so they can focus on developing, and we’ll make sure the right structures are in place.

So, what challenges do government IT teams face when moving to cloud?

Cloud competency

Government agencies often have highly competent IT teams, but limited experience with operating in the cloud. So, there’s a level of day-to-day support that’s needed with fixes, maintenance and updates. And it’s quite a competitive market to source these hands-on engineers, or find the time to develop them in-house. 

It’s why some of these organisations rely on us to look after the day-to-day operations, raising tickets with hyperscalers, overseeing environments, making minor changes and updates. 

This tends to apply across other areas of the organisation as well. Often decision-makers across the business have limited cloud experience, so there’s a hesitancy in making the move to cloud. We can support IT teams in getting wider business buy-in for cloud projects. And our government cloud agreement means easy, fast and legally-approved means of purchase for agencies. 

Delivering security in cloud

These teams are also highly competent in keeping up with security needs and regulatory updates. But what they might struggle with is transferring these needs to cloud implementations. 

In some of the projects we’ve helped with, the customer has had a good view of the legal requirements around personal data and what needs to be in place in cloud. But there’s real fear of making the wrong decision, and the consequences of negligence.

This is where we’ll start with a cloud health check, which includes a security pillar that dives into elements around access control, threat detection, threat response plans and encryption processes. We give a snapshot of their current environment, with suggested corrections, mitigations and clear actions. We’ll then get to work to enhance the environment with guaranteed mitigations and parameters in place, to lower the barrier for those that are cautious.

Tech debt

In some instances, there’s a lot of technological debt around outdated services and software. In these cases, we’ll help build the applications new rather than transferring to the cloud.

Or in the middle layer, we’re helping organisations look at their service catalogue, and understand which are the lower-hanging fruits that could move to cloud to get the benefits from a developer point of view.

What false assumptions do government agencies have about moving to cloud?

We’re starting to see some exciting things happening with cloud within the public sector. Some teams and organisations really are fully cloud-native, doing amazing things, and really forward-thinking projects.

But there are organisations that have been slower at adopting, and part of this lies in the false assumptions many have around cloud.

‘It costs too much

Firstly – yes, cloud can be expensive if it’s allowed to be. But we have tools to optimise your the use of cloud and drive cost efficiencies and resource optimisation. It’s a huge part of why we run our assessment and POC – to show the value and TCO, based on concrete evidence and testing. 

The US is spying on us

There’s a concern – particularly among government agencies – around the governance and infrastructure of the main cloud providers. There’s scepticism around the dominance of the big 3 US hyperscalers, and a widely-held view that operations and data within these environments are monitored and used by US government intelligence. This is simply not true.

There are also false assumptions around data sovereignty and data residency, with government agencies sceptical as to whether data is allowed to be stored on non-European cloud platforms. In reality, there’s no one-size-fits-all solution. The approach will vary depending on variables like the classification of data and the type of data. 

We work with organisations to comply with data privacy regulations and ensure the data storage solution chosen meets those specific needs. And with hyperscalers now investing in local data centres in Finland and other EU regions, there are options for us to provide local solutions to meet hybrid cloud requirements.

It takes too much time

There’s also a view that these projects move slowly – particularly in government organisations. But we’ve shown that doesn’t have to be the case. We now have an agreement in place with Valtori that can be applied to any Finnish agency that wants to get moving on cloud projects. This cooperation is key to getting things moving fast. 

Essentially, we can have a meeting on Friday, plans in place on Monday, with our teams getting to work on Tuesday. 

And with our rapid assessment offering (read more on what’s involved here), we’ll help get started with an assessment, PoC and migration roadmap in a matter of weeks.

We can help you get started

Read our step-by-step guide to find out more

From assessment to delivery, read Julkisen Sektorin Pilvimigraatio – our easy-start guide for Finland’s public sector

Get in Touch.

Let’s discuss how we can help with your cloud journey. Our experts are standing by to talk about your migration, modernisation, development and skills challenges.

Ilja Summala
Ilja Summala
CTO @ Nordcloud