The UK Public Sector is failing to move to public cloud due to concerns over lock-in and security. These are the two biggest take-aways from a new report published by UK Cloud. They show a remarkable disconnect between the public sector and enterprises when it comes to the modernisation of the IT estate. Ironically, while those surveyed claimed they wanted cloud they then focused on all the reasons they can’t adopt it.
UKCloud says it: “surveyed more than 300 public sector organisations, large and small and asked them about the common issues and challenges that are impeding broader adoption of cloud.” Part of the problem appears to be that many are waiting for a “perfect solution” before making any move.
According to Simon Hansford, CEO, UKCloud: ‘This survey has proved what we believed to be the case – that digital transformation is inevitable but is happening too slowly. The issues raised in the report are being addressed at a policy level in government at the moment. There is no perfect cloud solution – rather different clouds to meet different needs. UK public sector organisations need choice and options in order to meet demand for cloud-based data and workloads.
‘Organisations understand cloud-first is not cloud-only. Some of them, like the Food Standards Agency, have already fully moved to the public cloud. Others, like the Ministry of Defence, have a hybrid, multi-cloud strategy. The public sector understands the detail of the policy, including the fact it enables organisations to form a cloud strategy that’s right for them. Different organisations face different sets of challenges when it comes to cloud, and there is not a one-size-fits-all solution’”
Public Sector doesn’t trust the Public Cloud
There are many reasons cited in this survey for not using public cloud. While some are perfectly valid, most seem to be a mix of misinformation, job protection and the way government works.
Security is the largest concern, cited by 85.2% of respondents. Here there is a case for some concern but it is manageable. Data sovereignty is a requirement by many governments around the work and the cloud industry has responded. There has been a significant build out of data centres inside countries rather than just having regional data centres. In addition, data can be geo-locked to prevent it being backed up elsewhere. Using the same hybrid approach that enterprises are taking with sensitive data also provides a solution to this problem.
Cloud providers have also proven that they can attract and retain the top talent when it comes to security. Given the financial constraints on government departments this means that a DIY approach is not guaranteed to be any safer than cloud-based solutions. The majority of cloud breaches are not about insecurity in the platforms, they are about misconfiguration. This is an end-user issue and could be addressed with better training or through an enhanced role for the NCSC.
Vendor lock-in is another issue. 78% are concerned that by adopting public cloud they would be beholden to the cloud provider. Five years ago there was some validation of that. Today, enterprises are managing multi-cloud environments, moving and sharing data across different cloud providers. It is allowing them to get the best tools and costs for the job. In addition, the majority of software used in public cloud is open source based which prevents vendor lock-in. Compare that to many government solutions that use outdated software and rely on an increasingly small pool of people with knowledge of that software.
Cost is an issue when moving to cloud
One of the most cited reasons for moving to cloud is to reduce cost. Moving from complex and expensive CAPEX environments to an OPEX model is well understood. However, as many enterprises have discovered, OPEX can later be an issue if you don’t control the inevitable increase in resource usage that cloud can bring.
Interestingly, this is not where cost is an issue for the public sector. One of the major cost issues is that many government departments are locked into contracts for their existing IT environments. They are unable to move to cloud until those have been written down on the balance sheet.
This is a serious inhibitor and one that the Treasury needs to step in and deal with. Grandiose Government driven IT systems have wasted tens of billions of pounds over the last three decades. Most have also failed to deliver a lot of promised benefits. Healthcare, policing, defence, HMRC and the much vilified Universal Credit are all examples of this.
Those same systems have also failed to deliver effective data sharing. Using multi-cloud and that includes hybrid elements for data security, is being used by enterprises to remove silos. Cloud vendors are helping drive the integration between software packages to make data sharing simpler and more effective. For the NHS, this is a holy grail that continues to evade its grasp despite the promises made by IT vendors who, ironically, have been guilty of creating vendor lock-in.
All of this points to a failure of strategy at all levels. Across all the different departments the lack of clear policy and strategy was continually highlighted. Given the other urgent priorities for the UK Government this year as it seeks post Brexit trade deals, this is unlikely to be solved.
Enterprise Times: What does this mean?
Enterprise Times was given access to all the underlying data for this report. It tells a very complex story and exposes the problems of getting wider cloud adoption. Most of the departments have the same concerns but while some are valid, none are insurmountable.
We are in an age where costs have to be contained by central and local government. The UK Government through its Digital Marketplace (formerly G-Cloud) has provided a means for departments to adopt cloud services and software. Despite its successes, it is clear that there are still a lot of underlying issues that need addressing. A key example is the claim that moving to cloud will have to wait until existing solutions are depreciated. That means money and opportunity is being wasted.
If the UK Government was a business, it would be in serious trouble. Every year we see corporate failures caused by a failure to modernise and lower costs. Cloud is part of that digital transformation journey businesses are undertaking. The UK Government, despite a few successes is a long way behind businesses when it comes to transforming its IT estate. For some departments, their approach would mark them out as a risky, if not failing enterprise. This report should serve as a wake-up call.