The Public Sector’s UK Choice for Secure Sovereign Cloud
There is always pressure on IT decision-makers to improve the quality of service their choices produce, yet at the same time, do it all for less. Heads of IT departments in the UK public sector are not the only ones caught in that pincer movement of seemingly incompatible pressures – colleagues who head up other departments will recount the same problems, as will many IT professionals in the private sector.
For a while, the hyperscale cloud providers seemed to offer a way out for many cash-strapped public sector institutions. By effectively removing the overheads of maintenance and hardware procurement, and pushing what had been CAPEX expenditure onto the OPEX side of the ledger, organisations would get scalable resources on a pay-as-you-use basis. In many cases, moving to the cloud proved an excellent choice and remains a viable solution to this day.
The benefit of hindsight does not necessarily lead inexorably to regret, but looking back, it’s interesting to see how and why so much public sector data now resides in the server farms of AWS, Azure and the rest. The use of outside contractors, for instance, meant that teams came into the sector with predefined skillsets in the form of experience and accreditation in, for example, GCP migration and service creation. Any agenda that accompanied contracted bodies wasn’t hidden, nor was there any element of subterfuge. But rather, like the public sector employee, their counterpart in the private sector contractor is under time and budgetary constraints. In many cases, it would have done both parties much good to have considered some of the details more carefully. Not all the services, applications and data that did head out and end up in hyperscale clouds perhaps should have gone there.
Let’s look at the furor that often surrounds even small medical research units’ data being “given” to companies like Google. It’s quickly apparent that personal feelings run high on matters of sovereignty, ownership and – to a certain extent – security. Cloud providers ensure reliability and security of infrastructure, of course; their reputations depend on it. But the raft of acronyms that IT Managers need to negotiate today include SASE, WAF and zero-trust, services that are still needed to protect data regardless of its housing, even when such housing comprises the gleaming racks deep in the heart of Azure or Oracle Cloud data centres.
There are also issues of accessibility and uptime. Outages of the big CDN networks, or an individual uploading a dodgy BGP config file can take down whole geographies, real and virtual, suspending services and access to data that failover (often provided by the same vendors) just doesn’t ameliorate.
This article is not a call to arms, Braveheart-style, to “take back what is ours” from AWS or whoever. The advantages of cloud, especially its scalability, elasticity, and (still very) high availability, are overwhelming. On-premises has its very solid use cases and will remain so for the foreseeable future. In fact, 99% of organisations in both public and private sectors have ended up with hybrid IT spread between clouds and on-premises. But there is a specific cloud option that needs serious consideration, especially when issues like governance and security are considered. The recent Schrems II ruling that invalidates the US-EU data link means that statutorily, public sector organisations need to think hard about what is held and processed where.
In brief, organisations need UK-based cloud provision (with all of cloud’s advantages), yet on UK soil, and with the type of high-end security, physical and virtual, that makes it suitable for, for example, police forces, sensitive government databases, and data that can’t be anonymised safely (or operationally). UKCloud fits that bill.
Any IT decision-maker in the public sector worth more than their salary knows that cyber and statutory risks can only ever be decreased, never vaporised entirely. But UKCloud’s provisions lower risk by more than merely spreading the risk around multiple providers. Its high-security features make it a viable alternative to ageing on-premise data centres, offering the type of services and critical oversight that combine the cloud’s advantages (including OpenShift, VMware, OpenStack etc.) with the highest levels of data and service integrity. In a previous article on these pages, we looked at how the company can replicate on-premise infrastructure remotely to obviate the need for huge cloud transitioning projects that impact uptime on critical services.
The next time the big cloud providers’ egress fees dip to less than eye-watering levels, consider the British UKCloud offering for those applications and data repositories that need to be near and on UK soil, but those that will also benefit from cloud’s inherent advantages. Read more here.