Cloud computing challenges and opportunities for the public sector

More and more public sector organizations are turning to the cloud to improve their efficiency, resilience, and overall security stance. But to take full advantage of cloud computing in your agency, you need more than a lift-and-shift approach to your migration. You need cloud workers and a public sector cloud strategy to overcome challenges and drive your mission forward.

Here's what we cover in this article:

• The top 4 cloud computing challenges

• The 7 opportunities for public sector agencies to leverage cloud

Public sector organizations face four main barriers to successful cloud adoption. Identifying the barriers that exist in your organization can help you conquer them.

Whether it’s HIPAA, PCI DSS, NIST, FedRAMP, or something else, security and compliance isn’t anything new for public sector organizations. No matter how familiar you are with various compliance frameworks, shifting to the cloud means navigating new regulations while ensuring security standards.

Historically, the public sector has struggled to compete with the private sector for tech talent. And that hasn’t changed. 

Even as more tech talent enters the market (due to layoffs in the tech industry), government agencies struggle to recruit and retain cloud engineers. Why? Complex hiring processes, less competitive benefits, and lack of flexibility often top the list.

But legacy technology systems also present a substantial barrier. Many cloud workers want to stay on the cutting edge and lack the skills or desire to work with the legacy systems that pervade public sector organizations. 

>>> Check out these tips to fill your federal agency’s cloud computing jobs.

Cloud computing services use a pay-as-you-go pricing model. This lets agencies scale their cloud services up or down to meet their current needs. 

Public sector organizations can use indefinite-delivery, indefinite-quantity (IDIQ) contracts to invest in metered services like cloud computing. However, these contracts are often time-consuming and costly to set up. 

Even if you’re able to navigate IDIQ contracts, your agency may face scrutiny about which cloud service providers you offer those contracts to.

>>> Learn more about multicloud for public sector organizations.

Public sector organizations, including the federal government, continue to prioritize legacy, on-premises systems despite the push to the cloud.

In fact, even though 54% of public sector CIOs said they’d increase cloud spend at the beginning of 2022, only 35% said they’d decrease spending on legacy infrastructure and data center technologies. As long as agencies continue to prioritize legacy systems, they won’t see full cloud transformation.

Despite the challenges, cloud computing still offers opportunities for public sector organizations to enhance their operations. If your agency can think beyond the technology itself to the people and processes that will manage it, you’ll see cloud success.

Cloud service providers use a shared responsibility model that defines which infrastructure responsibilities they own and which they leave to individual organizations. 

These models can help you allocate resources more effectively. For example, if you aren’t responsible for managing the cloud’s software or hardware, you can dedicate more technologists to critical areas like cybersecurity.

Just make sure you fully understand the shared responsibility model and what you and your cloud workers are responsible for.

Agencies often think of compliance as a barrier to successful cloud adoption. But it’s also a massive opportunity. 

Compliance frameworks help government agencies ensure their environments comply with the latest restrictions and regulations. In the case of the cloud, you can look at a cloud provider’s compliance documentation to determine if their services are authorized under a certain framework. If they are, you know their services have been vetted and comply with critical requirements.

Check potential cloud providers for compliance with frameworks such as:

• FedRAMP

• StateRAMP

• Cloud One and Platform One

The traditional authorization process for new systems follows a series of linear steps: Public sector organizations will develop a system and assess its security. They’ll authorize it. Then they’ll use it.

While this method provides an extensive assessment of a system’s vulnerabilities, it’s also time-consuming. By the time the authorization is complete, the system may already be out of date.

Continuous Authority to Operate (cATO) provides a more nimble approach. cATO continuously authorizes underlying cloud infrastructure, systems, and platforms. This enables agencies to focus on capability and code delivery, rather than constantly building and authorizing new platforms and infrastructure.

The COVID-19 pandemic forced government agencies to shift to remote or hybrid work—and move some operations to the cloud as a result. Now, more than 90% of employees across industries prefer hybrid work arrangements. The bottom line: Telework and cloud computing are here to stay. While it may take some time to adjust, remote work widens your talent pool and provides potential cost savings (like cost-of-living adjustments to salaries).

Only half of technologists have extensive experience working in the cloud. If you’re struggling to recruit the cloud workers you need, try developing your existing workforce instead.

You can start off with free learning resources like webinars, live streams, blogs, and ebooks. When your technologists (or budding technologists) are ready for more advanced skills, you can turn to resources like on-demand courses, instructor-led training, and customized labs and sandboxes.

>>> Learn how to upskill the public sector workforce to close skills gaps.

Public sector organizations may not possess the budget, benefits, and flexibility that private sector organizations do. But they’ll always lead in mission impact.

Cloud engineers in particular can have an incredible impact on US national defense through initiatives like the U.S. Army’s Enterprise Cloud Management Office (ECMO), the U.S. Navy’s Black Pearl platform, and the U.S. Air Force’s Platform One initiative.

Everyone in the public sector industry understands how tricky it can be to navigate the various regulations associated with acquiring new cloud technologies. Some organizations that have already been through the process created guides and frameworks to help other agencies with their cloud journey. 

You can use these guides to streamline your process. Such frameworks include:

• Requirements for the Acquisition of Digital Capabilities Guidebook

• Adaptive Acquisition Frameworks

• CIA C2E award 

• JWCC award 

Check out our ebook for a deeper dive into these frameworks.

For most public sector organizations, the question isn’t whether to adopt cloud services but how to do it successfully. 

By following existing acquisition frameworks, defining your own cloud strategy, and developing your teams’ cloud skills, you can overcome common cloud challenges and see lasting success.