Federal agencies, such as the Small Business Administration and National Oceanic Atmospheric Association, are realizing the scalability and cost benefits of a multi-cloud environment as they navigate remote work and service delivery. But, for agencies both new to and well-versed in the cloud, Booz Allen Hamilton cloud leaders John Pisano and Jimmy Pham are advising that governance from the get-go is a key consideration for making a multi-cloud environment more effective.
Establishing strong governance dictating who has the authority to run the cloud environments and vetting service providers, alongside other factors like creating an extensible infrastructure and preparing the workforce, can help agencies take full advantage of the multi-cloud environment they likely already have in place. Pisano and Pham, leader of digital cloud solutions and co-lead of digital platform capabilities respectively, agreed that breaking a cloud journey into manageable chunks with those key tenets in mind enables success.
For example, Booz Allen worked with a coalition of 12 agencies to launch Recreation.gov as a customer experience-oriented hub for easy citizen access to information about public land. The digital platform launched two years ago based on the company’s key considerations for a multi-cloud environment to become one of the Office of Management and Budget’s high impact service providers.
In an interview with MeriTalk, Pisano and Pham reflected on their organization’s work with Recreation.gov and other projects to distill their experiences into key considerations for Federal agencies as they embark on cloud efforts.
The interview below has been edited for length and clarity.
MeriTalk: How can a multi-cloud environment, as opposed to other solutions, benefit agency telework and service delivery?
Pisano: A lot of times when I have this conversation with clients around, they don’t realize it but they’re already multi-cloud. If you think about what we’re doing today, the dimensions of multi-cloud live across those different services. At first, it was like, how do I quickly get scale because I have my entire workforce that’s distributed to now that I’m here, there’s actually some really nice capabilities and things that we can do here. It’s just become the norm in terms of business.
Pham: When people talk cloud, it includes a lot of things. One piece of it is around Software as a Service (SaaS). The other pieces, the custom solutions that organization enterprises use, they’re not necessarily SaaS, we also see a lot of interest in trying to move them to the cloud whether it’s just a complete lift and shift or rewriting or leveraging a SaaS equivalent in order to scale that for remote workers.
MeriTalk: What are some of the common challenges or mistakes that agencies face when embracing a multi-cloud environment?
Pham: The typical one is governance because it is a reactive thing. These events are not planned so it’s our reaction, so the big challenge is overcoming governance, which takes a little bit of time to actually establish correctly and have the methodology and process. We see that a lot in terms of not having a pretty strong governance in place, but having to onboard as well, which leads to not only sprawl, but really fragmented pieces. Then, you got all this stuff that you’re using from a compute perspective on the CSPs [cloud service providers]. Being able to manage that is a huge, huge challenge, not just from a cost perspective, but there might be duplication, there might be inefficiencies and overhead.
Pisano: Understanding the current maturity of your organization before you get into this grand vision. I find a lot of folks that’s where they try to start and then get frustrated very quickly because they don’t have the fundamentals in place. The other side of it would be getting wrapped up in the relative, small differences between the CSPs. In general, there’s parity in the services they offer in the way that they price it. It’s one of the same with what really are you trying to address now near term and your longer term vision and how do you want to govern and manage it.
MeriTalk: What are the key considerations that teams should keep in mind to build an effective multi-cloud environment?
Pham: The basics of governance can cover a really big learning process, but the bare minimums in my mind are management. How do people actually get a license and account for compute resources? All those things are fundamental. It’s worth spending the time to get it down. As you proceed and mature, there are other more complex things that you can add in terms of the governance process to actually become more comprehensive in terms of addressing that challenge.
Security and data come to mind as well, but I think that piece is always tough. Now you have a bigger attack footprint, you’re in different places, so your attack footprint is definitely larger and more expensive. The other piece is data, understanding where it lives, how it’s being protected, how it’s being accessed, is also important in addition to the accessibility.
Pisano: The other side of it, too, is this idea of an extensible infrastructure. Our view is a very open architecture approach. Open architecture doesn’t necessarily mean open source and free, that tends to be a big misconception, but the idea is building your architecture in an open way such that as you mature and as you vet new providers to your governance and bring them in because they address the business need, you’ve established a foundation that makes it relatively simple for you to interface on different assets.
You could have a piece of an application running in one provider because it’s the services needed but maybe you’re explaining analytics capabilities from another provider and having that open interface between them so it’s not so painful. It ties the governance to thinking about are you going to approach this in a way that does give you that open, modular approach as your business matures, and as your needs further evolve and further evolving your workforce and your processes to understand how do I manage in this multi-cloud environment.
MeriTalk: Are there any lessons you can pull from your work with Federal agencies on multi-cloud transitions?
Pham: For a really large engagement, it becomes very, very daunting. I’ve seen a lot of paralysis analysis up front just because it’s so vague. The approach should be to take it in chunks. That’s the whole beauty of having multi-cloud, to be able to use certain pieces. Having that big view and spending that time to do an assessment upfront is well worth it.
Pisano: I definitely agree on the idea of taking it in pieces. If you’re approaching it from an open perspective, in terms of an open architecture, you should be able to have different groups working different aspects of your bigger vision versus being very sequential, if you will.
MeriTalk: What can the administration or Congress do on policy and legislation that would help agencies speed up their cloud adoption?
Pham: We’ve been supporting the Federal government for a very long time and I think the education or at least understanding of where technologies are headed. Those are the biggest things that will be helpful to not just educate, but also change the way the Federal government is acquiring, as well as execution of this work, that would help the industry as a whole.
MeriTalk: Looking ahead, how will or how should agencies adapt their modernization plans to adopt a multi-cloud environment, specifically as they’re navigating this new remote environment sparked by COVID-19?
Pisano: If you don’t have a governance plan, you should think of one. If you’ve not really taken a look at your architecture and assessed that, you should look at it. Because we’re going to continue to want to drive that push. Let’s figure out how to keep the momentum going and get even more scale out of it.
Pham: They’re probably already multi-cloud, but I think it’s the recognition of what does it mean to them and what pieces. Then having the governance in place as part of their modernization plan. It’s well worth the time and effort and energy spent on getting that governance piece in place.