Beware the one-way street of Big Cloud training

Don't ignore the "traditional" training routes in favor of certification from 'Big Cloud'.
3 September 2021

U.S. Public Works in action. Source: AFP

The public sector on both sides of the Atlantic is starting to use cloud-based services increasingly, to provide better services to local communities and/or its core users. The US Army Program Executive Office EIS (enterprise information systems) coins a new acronym, EITaas — enterprise IT-as-a-service — to describe “enhanced, industry-supplied capabilities” that innovative technology can bring as a series of readymades.

That type of thinking goes well beyond mere outsourcing of services, and is the next logical step for the public sector, allowing hard-pressed organizations to make the best use of dwindling budgets. Writing in Washington Technology, Brendan Walsh cites several positive aspects of change, notably the “synchronization of public policies with existing private initiatives to generate long-term benefits for [..] citizens and communities.”

He calls for uptake of cloud companies’ training courses (presumably on the employer’s dollar), programs of learning that are often highly discounted or even free for, as AWS puts it, the “unemployed or underemployed.”

It’s undeniable that today’s IT professionals need to be more than conversant in cloud-native technologies because even though many offerings have their roots in open-source software, there are specific variations to the cloud providers’ respins. Provisioning services is one thing — tuning them for best performance in their specific settings is quite another.

The danger is that cash-strapped public sector organizations will likely only be able to resource training from a pool that’s limited to one or maybe two at most of the big providers’ training programs. That, in effect, locks in the skillset of the public sector organization into one cloud or another, which will limit options in future procurement rounds.

There is, of course, a great deal more in common between the big cloud providers’ services than there are differences, and IT professionals’ experience and knowledge, even for the highly specifically trained, is applicable on one platform or another. Vendor lock-in might be insidious, but it’s not insurmountable from an IT worker’s point of view. Platform-specific finetuning and data egress fees make migration more troublesome, but again, not impossible.

However, EITaaS suggests that public sector bodies can take advantage of applications and services that are well abstracted away from their underpinning technologies. The danger is that the training routes to “traditional” IT roles of systems administrator, database programmer, cybersecurity specialist (and many more) are not funded by pressured public employers — and it’s a problem for the private sector too. Organizations need professionals on hand that know how things are built, how and why they might stop working, and how to fix them quickly when they do. That needs a deeper knowledge, one that’s not limited to Azure+Active Directory+SharePoint+Microsoft Office.

To take a single example, systems administrators can provision services and applications quickly at scale using a range of tools that automate many basic procedures, or build a reliable platform from scratch. Sure, there are tools (Terraform, Ansible, Puppet et al.) to make life easier, but no one is claiming that these technologies, or the next generation of them, are going to put the lowly sysadmin out of work. Someone has to know what the big cloud service is actually doing under the hood, because, when things go wrong, the same big cloud service won’t have quite the same sense of urgency to fix things.

Big cloud providers will happily let a database scale and help it perform quickly, but a corrupted database might tax an organization without staff who can remedy the situation at its core. Sure, there’s failover and rollback, but that’s an extra paid-for service, naturally. Cybersecurity pros will tell you that infrastructure providers protect infrastructure, not what’s inside it. Organizations need the ability to see underneath the layers of abstraction that are presented to decision-makers as “convenient” and “time-saving.”

That capability does not necessarily come from professionals following certification tracks and courses offered by cloud providers. The necessary knowledge of what’s going on at a deeper level might come by osmosis but won’t be the main raison d’etre of any training program offered by the so-called Big Cloud players.

The public sector has to be especially aware of this potential limitation because it is the provider of many frontline services on which many rely, as a public service. Additionally, public organizations are often bound by very strict data handling policies dictated by law. Throwing in one’s lot with a big business that has revenue to generate and shareholders to satisfy, might not necessarily have the same goals as each other.