Akin to the opening scenes of a Cold War movie, it slipped out like a nuclear submarine from a Murmansk dock. Unannounced, without fanfare, without acknowledgement, the Government’s Cloud Strategy Document was made available at some time between June and September of this year.
Despite the wide distribution of its sister publication on eGovernment Strategy, the Cloud Strategy document, which was arguably even more anticipated in the ICT world, was simply made available on the Department of Public Expenditure and Reform web site. But it was not listed under reports. It was not referred to under press releases, or speeches. The reason for this is that there was neither a speech nor a press release made for the document.
If one clicks on the ‘Public Service Reform’, and then on ‘ICT and eGovernment’, there it is. Or, if one searches with the specific title of the document, it also appears. But why?
With the disappointment in the world of ICT at the Government’s refusal to appoint a CIO, it had been hoped that the much anticipated cloud strategy document would go some way towards outlining actions that would be commensurate with the programme for government aims of providing a "supportive regulatory environment" for cloud computing, as well as "promoting greater use of cloud computing in the public sector, organising existing State supports for cloud computing into a package to promote Ireland as a progressive place for I.T. investment".
Alas, having read the document, none of these things does it do.
At the heart of the cloud strategy document which is dated to June 2012, and "is based on extensive engagement, research and trials with the ICT industry over 2 years," is a contradiction.
The executive summary states that the strategy "places Cloud Computing at the heart of our ICT Strategy", and yet, in the introduction, section 1, part 4 it states:
"As part of its aim to make Ireland a leader in Cloud Computing, the Government has said that it will promote greater use of Cloud Computing in the public sector. In this context, both CMOD and HEAnet have been engaged in research and trials with a number of companies dealing primarily with computing power, storage and infrastructural services such as email. These have demonstrated that, while Cloud Computing certainly provides opportunities for efficiencies and cost savings, it isn’t yet evolved to the degree required by the public service in terms of security, reliability, service levels, standards, jurisdictional, legal and contractual arrangements, technical interoperability, licensing, dynamic and real-time availability, availability of requisite skills, and commercial models."
Just let that sink in for a moment.
Some of the largest technologies companies in the world are cited within a 30 kilometre radius of where the document was written, all of whom are not only betting on cloud computing as new way to deliver ICT, but are already reaping the benefits.
Yet this one sweeping statement seems to knock the whole thing down with the indefinite air of prolonged postponement. Despite the aims of making Ireland a world centre for cloud computing, the Government now seems to be happy to promote it to all and sundry as a central plank for economic recovery, but not to embrace the benefits itself.
The strategy document goes on to talk about community clouds, private clouds and hybrid usage, and hedges with: "While public clouds may be considered by a public body for any requirement, it seems most likely that initial deployments would be most appropriate for a) any public-facing and non-sensitive activity, viz. open data initiatives, public information repositories, public collaboration or surveying facilities, analytics involving non-sensitive or non-confidential data, the front-end elements of online services or apps that do not store sensitive data, simulation testing of the availability, robustness and functionality of online services."
So essentially what this means is that only non-sensitive data, presumably anything that is not personally identifiable information (PII) related, can go in the public cloud, but nothing else. It is fine for testing and development, the same section says, with little capital risk or investment. So sandboxing is fine, but nothing sensitive can go in the public cloud.
What kind of a message does this end to the ICT industry in Ireland?
In February of this year, we reported we reported on TechCentral.ie the Cloud4Gov joint initiative with EMC and supported by Cisco and VMware, that has created a "cloud innovation centre that will enable the development and testing of new applications and services for government". In May of this year, we reported that Google Apps had received ISO 27001 certification following a nine month audit process that was primarily driven by Google’s desire to appeal to users in the financial and public sectors in Europe and Asia. In Washington DC, 38,000 government employees have been given unlimited access to Google Apps and the Gmail service. Also in May, Microsoft’s Office 365 SaaS offering was given Federal Information Security Management Act (FISMA) approval.
And yet the June 2012 dated cloud strategy document says that the public cloud is not sufficient for public service usage under the headings of "security, reliability, service levels, standards," etc.
The timing for me is exquisite because as I write this, we have just reported that Google has announced its €75 million data centre investment in Ireland.
While I am not advocating a wholesale jump into public cloud for the Irish government, the findings of this document seem to be a contradiction that goes against everything that the government has stated as aims, ambitions and plans on cloud computing. The arm’s length, sandbox approach appears to be shortsighted in the extreme and shies away from the real benefits that are now supported by research and experience. Our own Lero software research centre has just published a report documenting as much! Read all about it in our cover story.
The CIO council seems to be doing what committees do-making safe decisions that risk nothing for which no one can be singled out for responsibility. This is yet another missed opportunity that shows the gaping chasm that exists between political ambition and political will. It leaves a bitter taste.
Subscribers 0
Fans 0
Followers 0
Followers