Industry ‘ready to help’ agencies with developing cloud strategy

This content is provided by Hitachi Vantara Federal.

As part of our DOD Cloud Exchange event in March, Federal News Network sat down with Hitachi Vantara Federal’s Chief Technology Officer Gary Hix for a virtual chat on all things hybrid cloud. The following Q&A features segments from our discussion.

Federal News Network 

What decisions go into creating a cloud strategy?

Gary Hix 

One of the first things is making a decision to go into cloud, having a regimented and structured approach to cloud, which a lot of agencies have already done. It’s starting with workload identification and application identification to understand what’s running in your environment. Too often, people go ‘I’m just going to push this Oracle Database up to the cloud.’ They don’t look into whether it makes sense to be there. They need to look at the application and think “does it need to be refactored?” Is there an opportunity?  Too often we think about our consumers and data centers as individual servers and arrays and switches. We’re guilty at times of not always thinking about them as applications specifically. Once we’ve identified and built that inventory of what we have, then we decide where does it make sense to live, whether it’s on prem or up in the public cloud? So that is the first part, having a structured approach to your cloud strategy.

Federal News Network 

And so what are the benefits of a hybrid cloud solution?

Gary Hix 

For a lot of people, hybrid cloud is where they end up because what they find is a lot of their applications don’t always make sense to go all the way up in the cloud. I don’t know of any agency that doesn’t have some of their data in an on-prem environment. Even the agencies with the highest cloud adoption are focused on having data in the right place at the right time. That data in the right place could be on-prem, it could be up in the cloud, or it could be a mixture of those as you start to look at this hybrid cloud strategy. It allows you to extend your security profile and things of that nature out to the public cloud, as well. When we first started on the cloud journey, we didn’t always have this concept of the same security as we had in the data center. We quickly progressed to require the same security controls in the public cloud, so we could translate and secure what we had on prem to what’s off prem in the public cloud.

Federal News Network 

Can you tell me a little bit more about why pretty much every agency has a little bit of on prem environment?

Gary Hix 

I think it really comes down to data security, but you also have to consider your data intensive applications. One of the best-known things about cloud is it’s cheap to put data in, but expensive to get it out. So I think a lot of times they look into how much data volume they have to deal with, which dictates a lot of keeping things on prem. In many cases it’s just ease of architecture as well, keeping certain data security things on site, like you have a classified environment. Most likely, that’s never going to be seen in a public cloud. Or if you have sensitive data or confidential data that you’re not entirely comfortable with. A lot of agencies kind of always are going to have some element of on-prem, I think.

Federal News Network 

How can hybrid cloud meet the unique security requirements of federal agencies? You mentioned IL5 a little bit. This is a big concern, right?

Gary Hix 

Correct. Security is always a concern. IL5 was really developed to enforce these structures on industry, to make sure that we’re securing the data at the appropriate level. It also can help define how we can make better decisions on where the data deserves to live based on its security classification. So, one of the things that we can do is annotate data and objects within a customer’s ecosystem and identify, on a policy-based method, where it should live. We can scan the data and look at it as part of our index and search and go ‘oh this says [For Official Use Only], this can’t go up to the cloud in its current state.’ And most government agencies have this data classification, this concept of separate enclaves and different security levels for their data and applications. It’s just applying that to the cloud model as well.

Federal News Network 

How does the government procurement process support a tailored cloud strategy?

Gary Hix 

Having a procurement process that aligns to a unique cloud strategy benefits them because it reduces their capital outlay year-over-year. It allows them to have less money going out the door and it also allows them to be more structured in the way that they forecast their budgets. Because if I’m buying something on a monthly basis, I can forecast that. What happens a lot of times, especially with on-prem solutions, historically is as long as it’s not broke, don’t fix it. So they just continue to renew maintenance, and you don’t get that technology refresh and innovation that is the best that industry is currently offering. It feeds into that budget process and helping to benefit that. But I also think there’s an opportunity for on-prem solutions as well, because almost every industry partner is offering as a service models, consumption models to move away from this historical legacy, ‘everything is a capital expenditure, I’m going to buy everything outright, I’m going to own it.’ They want to be able to focus on the outcomes for the agency and not be in the data center hosting business

Federal News Network 

I was actually just watching an event yesterday where a CIO from Treasury said he was so happy to be out of the hardware procurement business, because they’re moving to the cloud.

Gary Hix 

Yeah, and I think that when you hear they are moving to the cloud, people tend to think, AWS or Azure, or Google Cloud, whatever it may be. But I think moving to the cloud is also that fundamental shift in procurement strategy, as well. Because if you go look at Treasury’s data center, I’m sure there’s still servers in there, there’s still storage, and there are still network switches, maybe even still tape libraries. But the way that they’re procuring that technology is fundamentally shifting to where they don’t view themselves as IT providers anymore, they’re purchasing that service. It’s still sitting on their floor and under their security controls, but the way that they purchase it is totally different, so they fundamentally think about it differently.

Federal News Network 

And that helps with the overall scarcity of an IT budget, because a lot of IT budgets are built primarily around maintaining legacy technologies. So the more they can get away from that, the more they can modernize.

Gary Hix 

Yeah, absolutely. I almost feel like a lot of people have been waiting for the magical TMF, the Technology Modernization Fund to actually get funding. They cut the $9 billion out of the COVID package again, for the TMF. In the senate Covid bill it was funded at $1 billion. I think everyone was waiting for that to do the refresh. But industry is bringing these unique procurement models that allow them to do that refresh without the TMF fund and look at it a different way. Especially if you’re paying month-over-month, that’s a consistent run rate. And now you don’t have so much overlap to move to a new application or move to a new cloud provider.

Federal News Network 

So as we’re talking about shifting to the cloud and shifting to providers, one thing I’ve heard a lot about is avoiding vendor lock in, especially in a hybrid cloud strategy. One of the big initiatives agencies are talking about is making sure they have an exit strategy. So how can federal agencies balance long-term stability and building a relationship with a specific vendor, but also the flexibility of avoiding vendor lock in and making sure they have options?

Gary Hix 

That’s a great question. I think one of the one of the biggest areas is to avoid proprietary software and architecture. One of the things that we have is an object store that offers an S3 interface, almost everything offered in the market now offers an S3 interface. It’s developing and acquiring applications that adhere to an open and flexible architecture to avoid that vendor lock in. When you write an application, write it to S3, don’t write it to some unique proprietary API that only one vendor has. This is something the government has been really good at. If you think about 20 years ago, there was a ton of government owned develop products, and they slowly moved to COTS products. This moved them out of software development business. And now, as they look at open source, open APIs, open framework, I think that’s an important element to avoid that vendor lock in. If I want to take my workloads that writes to an S3 target, I don’t have to only take it to Amazon, I can move that on prem, I can take it to Azure, whoever it may be. There’s a lot of vendors offering that. So using open API’s and being flexible in the architecture you’re deploying is a key element of avoiding that vendor lock in. And look at your management platforms as well, especially as you start to look at cloud brokers. They offer a lot of flexibility in that to not be locked into a single vendor.

Federal News Network 

With regards to an exit strategy for if an agency needs to pick up and move their data from one cloud environment to another, what should they be thinking about?

Gary Hix 

One of the things they need to be looking at is there’s always a cost associated with that data egress and look at solutions that may ameliorate that. One of those solutions we offer will tier data to the cloud but retains the ability to move that data to another cloud without downloading it all again. So we avoid those data egress charges to get out of the contract. But I think it’s looking for flexible technologies that can benefit you. And a lot of times, depending if you don’t go into it with that strategy, and this overall larger thinking of your architecture and how you’re going to deploy it, you may get stuck to where you’re going to have to pay the data egress charges, there’s no way around it. But that’s where that strategy goes into it and being smart about the way that you move to the cloud, which is why I really think that the Cloud Smart initiative is a much better moniker and approach than Cloud First, in that case.

Federal News Network 

And so the other side of that is long term stability. How can agencies go about building that long-term relationship with cloud vendors and setting that foundation?

Gary Hix 

I think it’s like any other thing you do with industry, it’s based on relationship, trust and past performance history. Continuing to behave like they have with on prem vendors, or their historical IT providers, it’s just extending that to the cloud industry. They have the same exact operating models in terms of financials that legacy IT providers do. But there’s ways you can take advantage of economies of scale with them, signing a longer-term agreement and realizing the benefits of that. And one of the things you see is most of customers that have moved to the Cloud, they’ve moved to a single cloud provider, whether it’s AWS, Azure or Google Cloud. They’re taking advantage of that just like they historically had a single server vendor. Most people like Hitachi, HP or Dell servers, and that was who they stuck with as they developed. And I think the cloud providers have come to the same model and benefit.

Federal News Network 

So what’s the best way for federal agencies to get started on the hybrid cloud path? Say, one of those agencies that’s been waiting on the TMF to come? And they’re finally realizing it’s not going to be what they can rely on. How would they get started?

Gary Hix 

I think it goes back to that cloud strategy where you’re looking at an application and assessing your applications and data to understand what you have in your environment. And it’s also stack ranking those as well, because there may be a lot of older applications that are costing them a lot of money in terms of maintenance that may be worth just moving those to the cloud after you do that assessment. The key thing is that assessment and looking at it from an application or data perspective, versus ‘I need to move this, the maintenance on this server is really high. I don’t know what’s running on it. But it’s really high so we should move it all to the cloud.’ I think it’s not about jumping in with both feet. Take your IT strategy and develop a cloud aspect to it, which is looking at those applications and data. Because too often I’ve talked to our infrastructure-focused customers, they don’t even know which applications are running on there. So it’s talking to the program owners, looking at those end users, and understanding how they operate.

Federal News Network 

Any final thoughts?

Gary Hix 

One of the things that I always think is that people don’t necessarily remember, the industry is here to help the government with developing its cloud strategy. It’s newer technology for a lot of customers and a fundamental shift in the way they operate their environments. Agencies that are smaller in scope are better at creating a strategy because they understand what’s running in their environment. The larger agencies have much more complexity to understand and plan for. No matter what size agency it is, industry to ready to help with their cloud strategy, regardless of where they are in the cloud lifecycle.

Gary Hix is the Chief Technology Officer for Hitachi Vantara Federal, a wholly-owned subsidiary of Hitachi Vantara. With more than a decade of experience advising federal defense, civilian and intelligence agencies, and 25 years in the IT industry, Gary is known for his ability to solve government IT challenges and for his deep understanding of the information technology mandates facing federal agencies today. Responsible for architecting, implementing and maintaining custom technology solutions for customers, Gary is passionate about storage and data protection, helping customers implement meaningful IT outcomes that improve business and society.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.