The legal industry has been more reluctant than other industries to embrace cloud computing, but most law firms now understand the cloud can bring substantial long-term benefits and are making the transition. The public sector is following a similar path.
While the perception of increased risk in cloud deployments was once commonplace, firms and agencies are coming around to the view that cloud computing can actually make data more secure than on-premise systems by incorporating features like built-in application security, a multi-layered approach to compliance and risk mitigation, and better monitoring tools.
From the standpoint of eDiscovery, federal agencies routinely face very large production requests for data from highly diverse sources and in a broad variety of formats. Moving data and applications into a flexible and scalable cloud environment could help them respond more efficiently to Freedom of Information Act (FOIA) requests as well as requests for electronically stored information in litigation, investigations, and examinations.
Like law firms and corporate legal departments, agencies are highly focused on the return they derive from technology investments, and many agencies now view a transition to the cloud as a reasonable way to reduce their physical footprint and bring down the total cost of ownership of IT infrastructure.
Ambitious Initiatives Encourage Adoption in Agencies, But Barriers Remain
Well-documented benefits driving cloud adoption include low upfront costs, more predictable spending, fewer software management requirements, the opportunity to reduce IT staff, and the ability to manage legal matters from any location and at any time.
In addition, a series of government-led initiatives are creating a new sense of urgency at agencies, especially at the federal level.
Among these is Cloud Smart, a strategy developed by the Office of Management Budget “to accelerate agency adoption of cloud-based solutions” and provide practical implementation guidance.
There is also the Modernizing Government Technology Act, which helps provide capital for modernization initiatives, and the Federal Information Technology Acquisition Reform Act (FITARA), which permits government chief information officers to establish cloud service working capital funds and is behind new “scorecards” that grade agencies on their progress in various aspects of IT modernization, including migration to the cloud.
The technical, cultural, and fiscal challenges for government agencies transitioning to the cloud are in many ways similar to challenges faced by law firms, but in some cases it may take longer for agencies to implement the necessary changes to staff, technology infrastructure, and budgets to complete the change.
In part, that is because agencies tend to be very large and less nimble than private-sector organizations, but it’s also because they have extra layers of policies and regulations to follow in the process of making a transition.
Agencies also face a series of unique barriers to fast-paced transition, including:
- Capital-starved budgets: Some agencies get capital funding only sporadically. They are accustomed to an on-premise model in which they purchase additional hardware or software licenses when they receive money. It can be difficult to align this type of funding with a SaaS model, where upgrades and maintenance are almost continuous. However, agencies are beginning to realize a transition to SaaS brings more predictable costs over the long run, especially in the case of a fixed-price capacity pricing model.
- Long-term contracts: Government contracts are typically three to five years in duration. Agencies are unlikely to prematurely end a contract for an on-premise solution to transition to a cloud solution. They are more likely to wait until a contract ends to make a major change.
- Extreme sensitivity to data-based risk: Government agencies typically manage very large volumes of highly sensitive data, including personally identifiable information (PII), and they will always need to ensure it is managed in highly secured environments. That’s why the federal government has established cloud-focused security frameworks like SOC 2 and FedRAMP, which are quite rigorous. Awareness of security risks inherent to on-premise solutions is also increasing among agencies.
- Change management challenges: Moving to the cloud is a major undertaking requiring significant changes to organizational culture. Agencies need to take a formal approach to change management to ensure buy-in among leadership and staff and a smooth transition. The transition requires education and some retraining of personnel (including government workers and contractors) to get staff fully on board and make sure IT personnel understand how to manage and support cloud solutions.
- Outdated policies and procedures: Many internal policies and procedures at agencies are aligned to on-premise solutions. Agencies may need to rethink a broad range of established processes extending beyond technology and data migration to areas like personnel, mobility, and connectivity within and outside the physical workplace.
Just like firms and legal departments, agencies that complete the transition to the cloud will have to adjust to a different pace of IT change. The cloud implies essentially continuous maintenance, updating and monitoring. Design, testing and deployment of new applications all happen much more quickly in the cloud. The effort to attain and keep current with government-imposed security certification standards will also be an ongoing process, although that responsibility typically falls to vendors.
In spite of the challenges, agencies that plan carefully and are able to identify experienced, qualified vendors to help them manage the transition should be in a position to serve their constituents with more flexibility, faster response times and increased transparency. If that’s the ultimate result of migrating to the cloud, the considerable time and effort to make it happen will have been well worth it.
This column does not necessarily reflect the opinion of The Bureau of National Affairs, Inc. or its owners.
Amy Hilbert is the vice president of public sector at Casepoint LLC. She has over 20 years of experience in organizational leadership and project management in the information technology industry. In her role, Hilbert leads Casepoint’s foray into providing eDiscovery and legal technology solutions to the government and public sector.