Despite its growing ubiquity, cloud computing is still dogged by a number of misconceptions, according to Gartner Research Director Katell Thielemann.
"Based on our interaction — either with vendors or agencies in this federal environment — what are some of the tops myths we're running into and what is some advice we would have for the environment?" Thielemann said, speaking to an audience of federal employees and contractors at a "Hillversation" held earlier this month.
She went on to list, and then dispel, the common mistaken beliefs.
1.) Cloud = Data Center or Cloud = Virtualization
Properly defining cloud computing is the first step of building any transition strategy, Thielemann said. Many agencies are putting the "cloud" label on anything that closely resembles the NIST definition, but many of these approaches do not really merit the term. Thielemann urged agencies to avoid what she called "cloud-washing."
"In this cloud-washing environment, frankly we're seeing both sides of the fence rushing to cloud-wash," she said. "On the one hand we're seeing agencies eager to show they're abiding by the cloud first policy and calling just about everything they tend to do 'cloud.' And on the other side of the fence we're seeing a lot of vendors who want to provide as much into the environment as possible calling what they do 'cloud.'"
This has led to a lot of confusion in the marketplace. Thielemann suggested agencies and industry refocus their requests and offerings based on the NIST cloud definition.
2.) Cloud computing is less secure
"Human nature is to assume what people can't see, they can't control," Thielemann said, often leading to "box-hugging," when IT departments don't want to relinquish control to a third party.
"What we have seen at Gartner is, to-date, across these multiple industries and geographies, proportionately we've actually seen less breaches into some of the public cloud environments than the on-premise cloud environments," she said.
Thielemann credited the market itself for this trend, as the companies providing cloud services are inherently incentivized to provide strong security for their systems or risk going out of business.
3.) Cloud is about technology
Cloud services are obviously technical solutions but implementing those solutions requires a good deal of buy-in from agency employees — both in and out of the IT department.
"It's become very, very clear that the cultural aspect of cloud is as important, if not more important than the technology aspect of cloud," Thielemann said. "The business model changes that come out of the cloud are equally key to successful adoption."
She recommended bringing everyone to the table during significant transitions to ensure employees understand the benefits of adopting a cloud model and are ready to take advantage of those benefits.
4.) Cloud is always about saving money
Particularly in government, cloud is often seen as a means for lowering IT costs and, in many cases, this holds true. However, cloud technologies are also about providing better services in a scalable manner, which doesn't always lead directly to cost savings.
In a recent Gartner survey of CIOs worldwide, only 14 percent said they were moving to the cloud to save money, Thielemann said.
"What cloud also brings goes way beyond pure savings to the bottom line," she said. "Clearly this notion around agility; this notion about driving more collaboration at the edge — at the mission level, at the program level — at the various agencies becomes absolutely key."
5.) "The cloud first policy said so" is a strategy
Relying on the administration's cloud first policy — which mandates that agencies consider cloud options when implementing new systems — has become somewhat of a crutch, Thielemann said, similar to agencies saying, "Congress said so," when sticking to the letter of the law.
Having a strategy for adopting is important and Thielemann suggested agencies take more care in developing theirs.
The cloud first policy is "an important stake in the ground, it's an important management decision … but it's not a strategy," she said. "A strategy starts with the 'why,' and understanding the why, then moves on to the 'what,' the 'who,' the 'how,' and the 'how much.'"
Aaron Boyd is an awarding-winning journalist currently serving as editor of Federal Times — a Washington, D.C. institution covering federal workforce and contracting for more than 50 years — and Fifth Domain — a news and information hub focused on cybersecurity and cyberwar from a civilian, military and international perspective.