When it comes to the idea of cloud first — or any headlong rush to commercial cloud computing — Bob Venero offers three words: Not so fast.
“We’ve all seen outages and downtime, data loss and data leakage,” said the president and CEO of Future Tech Enterprise. “And a lot of that is tied to the cloud.”
At Federal News Network’s Industry Exchange Cloud 2023, Venero pointed out that “a lot of organizations have taken that mentality of cloud first without really taking a step back and looking about risk versus reward.”
Future Tech, which Venero founded 27 years ago, recommends that federal agencies stick with a hybrid approach, maintaining and modernizing their own data centers to have as alternatives to commercial clouds.
Choosing the best place for a given workload and its associated data involves evaluated what would happen if that data was compromised or lost, he said.
“What would be the minimal impact for your organization?” Venero said. “Then make that decision to bring that data into the cloud.”
Agencies should also consider productivity when moving workloads to the cloud and calculating the cost in terms of work should a cloud suffer an interruption, he advised.
Weigh all risks between cloud and on prem
A big selling proposition for commercial cloud services providers (CSPs) is security. “They’re secure to the level they can be. But you don’t have the right walls around them,” Venero said. “You’ve got physical security. You’ve got structural security. You’ve got data security. And each one of those brings its own inherent risks.”
CSPs run the same risks created by disgruntled employees as other organizations. Plus, as large targets, CSPs naturally attract hackers. “You have bad actors, right? That go after the large cloud providers versus the individual smaller companies. That’s another risk that you have to take a look at,” he said.
Another consideration is cost. Venero said the original impetus behind the federal push to cloud computing concerned the cost of maintaining government data centers.
“Cloud first wasn’t always about security and protection,” he said. “It was about reducing your footprint in the data center, reducing the headcount in support of those applications and that data.”
But it didn’t turn out that way in all cases.
“What they’ve learned with egress of data back and forth is that cost with cloud doesn’t necessarily mean lower,” Venero said. “So we’re very firm on a hybrid approach.”
Venero said a hybrid approach means rethinking data centers and modernizing them so running them is less capital-intensive than in the past.
Moving from CapEx to OpEx model
“Organizations are really looking to move from capital expenditure, CapEx, spending to operational expenditure, OpEx, spending, and you can create an OpEx environment in a data center,” he said. It requires adoption of technologies including software-defined networking and storage, virtualization and PC as a service.
With PCaaS, “there is still inherent risk in having a thin client device that is cloud-delivered,” Venero said. “If I can give you that device that is a standard device, but you pay for it in a consumption based model, I can eliminate your risk.” Thick clients, let people remain at least partially productive during a network service interruption, he added.
In Future Tech’s business model, Venero said, it works with the major federal systems integrators, who themselves help agencies abstract the complexities of multicloud deployments.
“We work with them a lot on making sure that the environment that they’re providing is the most secure, risk averse and has the best possibility for uptime, and also bring the ability to utilize CapEx and OpEx dollars to be able to drive that to the agencies as well.”