CHECKLIST FOR THE CLOUD ADOPTION IN THE PUBLIC SECTOR

(1)

CHECKLIST FOR THE CLOUD

ADOPTION IN THE PUBLIC SECTOR

(2)

(3)

CHECKLIST

FOR THE

CLOUD

ADOPTION

IN THE

PUBLIC

SECTOR

(4)

1. Introduction

Although the use of cloud services can offer significant benefits for public sector organi-zations, a lot of European stakeholders seem to be reluctant when it comes to migrating to the cloud. How secure will be my data and applications? Will I have constant access to them? What if I change my mind regarding the storage solution? What will it cost? What is a Service Level Agreement, and do I really need it? Where can I get support? These are some of the typical questions public sector stakeholders are putting on the table.

With this brochure we would like to make you familiar with the wonderful world of clouds. In the following you will find not only the questions, but hopefully, also answers that will help you make up your mind!

(5)

2.

(6)

PRIVATE CLOUDS

HYBRID CLOUDS

PUBLIC CLOUDS

Typically owned by the enter- prise using the infrastructure, or leased from a provider of infrastructure. Managed in house.

Example: eBay

Combined deployment of private and public Clouds. Outsourcing resourc-es to public cloud to achieve a maxi- mum of cost reduction.Maintaining control over certain areas, such as sensitive data, through local private Clouds.

Provided by enterprises giving Cloud functionality to others. Offer the capability to ex- ploit the Cloud features for user own purposes or allow other enterprises to outsource their services.

Examples: Amazon, Google Apps, Windows

Azure.

Share infrastructure between several organizations from a specific community with common concerns (security, compliance, jurisdiction, etc.)

COMMUNITY CLOUDS

CLOUD MODELS

(7)

INFRASTRUCTURE AS A SERVICE (IaaS)

Provides virtual storage and/or computing resourc-es to the user.

Examples: Amazon S3, SQL Azure, Amazon EC2,

Zimory, Elastichosts.

PLATFORM AS A SERVICE (PaaS)

Provide platform typically including operating system, programming language execution environment, database, and web server on which applications and services can be hosted and developed.

Examples: Google App Engine, and Windows Azure

(Platform).

SOFTWARE AS A SERVICE (SaaS)

Users are provided access to application software and databases. Cloud providers manage the infrastructure and platforms that run the applications. SaaS is sometimes referred to as "on-demand software" and is usually priced on a pay-per-use basis.

Examples: Google Docs, Salesforce CRM, SAP

Business by Design, etc.

PROPRIETARY

Software licensed under exclusive legal right of the copyright holder with the intent that the licen- see is given the right to use the software only under certain conditions, and restricted from other uses, such as modification, sharing, studying, re- distribution, or reverse engineering. Usually the source code is not available.

OPEN SOURCE SOFTWARE

Software with its source code made available with a license in which the copyright holder provides the rights to study, change and distribute the software to anyone and for any purpose. It is very often developed in a public, collaborative manner.

SERVICE MODELS

(8)

3.

The Checklist

3.1 /

Migrate or not

migrate? That is

the question

(9)

Q01.

Are there any suitable cloud solutions available in the

market (concerning your security, compliance, and performance

needs)? Is there any competition among the providers?

The existence of appropriate products on the market is the first ques-tion that should be answered if the migraques-tion to cloud is considered. It is more than obvious that the lack of suitable solutions makes migration impossible. The offers by various vendors should be also analyzed – the competition between sellers allows avoiding vendor lock-in and ensuring reasonable prices of delivered services.

Q02.

Is the maintenance of IT systems a significant position

in your budget?

Many IT department managers of public institutions are ranking highly the cost-saving achieved, as one the most important and tangible bene-fits resulting from migration of services to the cloud. Utilization of cloud computing technologies reduces also the need for the IT team to main-tain infrastructure, giving them more time to focus on strategy and in- novation.

Q03.

Do you plan to upgrade your IT systems in near future?

Plans for upgrading IT systems typically means that existing IT infra-structure no longer fits the institution requirements, and that the institution already allocated some budget for the upgrade. Usually, this is a good time to create a long-term strategy concerning IT servic-es development and assservic-ess the pros and cons of cloud technology adoption.

(10)

Q04.

Do you have to maintain ‘oversized’ systems so as to be

prepared for periodic surges in use? Would you be able to free

up resources if you moved those systems to the cloud?

Cloud technology is a good choice for public institutions, for which the average load of IT systems is not so high, but they have to handle a periodic ‘flood of requests’ (e.g. pupil/student recruitment system). Re- configuration of IT infrastructure or renting extra IT resources for a short period of time helps to avoid bottlenecks without the necessity of maintaining oversized infrastructure.

Q05.

Do you have limited funding that prevents you from

making a large capital investment in your IT?

IT systems based on Clouds have usually very good configuration abilities; as such, their upgrade and extension could be a slow process that doesn’t surcharge the institution’s budget. Thus, cloud can be a really good option for Public Administrations to reduce the cost of buying new equipment every two years in order to be up to date.

Q06.

Could you benefit from resource sharing with similar

institutions as yours?

Some of the institutions have very specific needs concerning IT resourc-es, including restrictive privacy regulations (e.g. Police), while the others don’t process very sensitive data and have common (or very similar) requirements (e.g. schools). Such institution could share their resources to reduce costs of IT infrastructure maintenance.

(11)

3.2 /

Service models

[IaaS / PaaS / SaaS]

Q07.

What kind of services do you use?

If there are no common requirements coming from institution mem-bers, who utilize different working environments, a virtualization technique (e.g. based on OpenStack or OpenNebula) could be lever-aged to optimize utilization of the basic resources of in-house IT infra-structure. The ability to scale services according to the users' require-ments could be also ensured by using such IaaS resources as well as processing and storage of public clouds offered by commercial vendors (Amazon EC2/S3, Microsoft Azure, ElasticHosts, etc.).

If people working in public institutions share similar requirements concerning their working environment (i.e. an operating system equipped with particular libraries and applications), such resources could be provided using the PaaS model.

A well-defined (and more or less common for users) set of applica-tions/services allows deploying a SaaS model. This model is based on the “Applications on demand” paradigm, whereby users are provided with ad-hoc access to application software and databases.

(12)

Q08.

How skilled are your institution members (IT services

users)?

The public institutions employees do not have to be experts in the field of IT technologies. Thus, their skills are a very important factor in influencing the chosen service model, as various models require from the users different level of knowledge. From the users point of view, the simplest choice is the SaaS model that transparently provides applications on demand. The user does not have to care about the infrastructure and the environment that host the applications. On the contrary, the IaaS model requires significantly higher competences. Users have to install and maintain operating system images and their application software on their own. The PaaS model stands between the two extremes, as intermediate users skills are required to config-ure and extend the environment that is generally maintained by the service provider.

PROPRIETARY

Software licensed under exclusive legal right of the copyright holder with the intent that the licen- see is given the right to use the software only under certain conditions, and restricted from other uses, such as modification, sharing, studying, re- distribution, or reverse engineering. Usually the source code is not available.

OPEN SOURCE SOFTWARE

Software with its source code made available with a license in which the copyright holder provides the rights to study, change and distribute the software to anyone and for any purpose. It is very often developed in a public, collaborative manner.

(13)

3.3 /

Deployment models

[private, community, public, hybrid]

Q09.

What kind of services/applications do you use?

Public clouds usually offer a standardized set of services (email, CRM, database, etc.). As such solutions provide poor customization possibilities, institutions with specific requirements should rather use private or community clouds that could be well “tailored” to their particular needs.

Q10.

How sensitive are the data you manage? Does privacy

really matter in your institution? Are any legal (regulatory)

aspects that prevent you from storing/computing your data

outside your country and/or your institutions premises?

Procedures related to data handling in public institutions are often subject to the regulations that determine whether the data can be migrated to a public cloud, or they should be processed and stored within the institutions’ data centers. Institutions with very strict requirements concerning privacy (like e.g. Police) that process very sensitive data are even more so not allowed to use public clouds for their purposes. Besides, some institutions publish all of their data

(14)

anyway, e.g. to ensure transparency of processes, and therefore they can use public clouds. An intermediate solution is possible by using data encryption. Entities that are allowed to store data remotely, but are still concerned about privacy of their data, can encrypt them on their side and store them remotely exclusively in the encrypted form.

Q11.

What is the required network and application

perfor-mance?

The choice between private and public cloud strongly depends also on demands concerning network and computing performance. The usage of private cloud is usually recommended for institutions that have to ensure high quality of service and to guarantee high average perfor-mance. In case of periodic ‘floods’ of requests but low average load of IT systems, using public clouds allows avoiding the cost of building ‘oversized’ infrastructure, the full capabilities of which are very seldom used.

Q12.

Do your institutions’ IT staff have deep

knowledge/re-sources to maintain in-house infrastructure?

Creating, setting-up, maintaining and upgrading the in-house infra-structure of a private cloud require deep knowledge from the institu-tion’s IT staff, and could further consume a significant amount of manpower. Since no local infrastructure is needed for using public cloud resources (thus alleviating from all overhead related to maintenance), the IT personnel could focus on the institution’s operational issues. Setup of an in-house infrastructure also requires special facilities (e.g. server room, air-condition, power), which induce significant costs.

(15)

Q04.

Do you have to maintain ‘oversized’ systems so as to be

prepared for periodic surges in use? Would you be able to free

up resources if you moved those systems to the cloud?

Cloud technology is a good choice for public institutions, for which the average load of IT systems is not so high, but they have to handle a periodic ‘flood of requests’ (e.g. pupil/student recruitment system). Re- configuration of IT infrastructure or renting extra IT resources for a short period of time helps to avoid bottlenecks without the necessity of maintaining oversized infrastructure.

Q05.

Do you have limited funding that prevents you from

making a large capital investment in your IT?

IT systems based on Clouds have usually very good configuration abilities; as such, their upgrade and extension could be a slow process that doesn’t surcharge the institution’s budget. Thus, cloud can be a really good option for Public Administrations to reduce the cost of buying new equipment every two years in order to be up to date.

Q06.

Could you benefit from resource sharing with similar

institutions as yours?

Some of the institutions have very specific needs concerning IT resourc-es, including restrictive privacy regulations (e.g. Police), while the others don’t process very sensitive data and have common (or very similar) requirements (e.g. schools). Such institution could share their resources to reduce costs of IT infrastructure maintenance.

Q13.

Is your institution independent or does it belong to a

bigger structure? Are any collaboration possibilities required?

Q14.

Does your budget allow for covering input costs of

building and/or upgrading the IT infrastructure of your institution?

The initial costs of building a private cloud are usually very high. Some-times, the amount of money needed to create (or upgrade) the IT infra-structure exceeds the institution budget. The solution here could be paying periodically a smaller price for renting resources from a public cloud.

(16)

Q07.

What kind of services do you use?

If there are no common requirements coming from institution mem-bers, who utilize different working environments, a virtualization technique (e.g. based on OpenStack or OpenNebula) could be lever-aged to optimize utilization of the basic resources of in-house IT infra-structure. The ability to scale services according to the users' require-ments could be also ensured by using such IaaS resources as well as processing and storage of public clouds offered by commercial vendors (Amazon EC2/S3, Microsoft Azure, ElasticHosts, etc.).

If people working in public institutions share similar requirements concerning their working environment (i.e. an operating system equipped with particular libraries and applications), such resources could be provided using the PaaS model.

A well-defined (and more or less common for users) set of applica-tions/services allows deploying a SaaS model. This model is based on the “Applications on demand” paradigm, whereby users are provided with ad-hoc access to application software and databases.

3.4 /

Business models

[open, commercial / proprietary]

Q15.

Do you have a limited budget that doesn’t allow you to

buy commercial licenses?

The financial factor has been already discussed previously. Creating an IT infrastructure to build a private cloud requires spending substa- ntial financial resources needed for both, hardware and software. The cost of software could be, however, reduced by adopting and utilizing open source solution.

Q16.

Do you have a limited budget that doesn’t allow you to

buy commercial licenses?

Commercial software usually offers limited configuration options, and the licenses usually prohibit any changes on the source code. In contrast, the inherent public availability of open source software allows a skilled IT team to tailor the software to specific institution needs.

(17)

Q08.

How skilled are your institution members (IT services

users)?

The public institutions employees do not have to be experts in the field of IT technologies. Thus, their skills are a very important factor in influencing the chosen service model, as various models require from the users different level of knowledge. From the users point of view, the simplest choice is the SaaS model that transparently provides applications on demand. The user does not have to care about the infrastructure and the environment that host the applications. On the contrary, the IaaS model requires significantly higher competences. Users have to install and maintain operating system images and their application software on their own. The PaaS model stands between the two extremes, as intermediate users skills are required to config-ure and extend the environment that is generally maintained by the service provider.

Q17.

What is the required network and application

perfor-mance?

Most proprietary software implement own vendors standards, and therefore, once adopted, services cannot be easily moved to other cloud-ecosystems. Even if an offer by a competitive vendor is more attractive, the cost of migration usually exceeds any potential benefits. Open source solutions, on the other hand, are mostly designed using open standards, and hence allow for easy building of an environment from interoperating components coming from various vendors. The migration process is also facilitated by this fact.

Q18.

What is the required network and application

perfor-mance?

Vendors of commercial software usually offer to customers extended support (help-desk, info-line, etc.). Such services are extremely helpful to IT staff in case of any problem related to software installa-tion, configuration or maintenance. Still, they come with a price. The proprietary software is usually quite expensive because its cost covers also the expenses of user support. Open source software could be used (in most cases) for free, but with limited support. Thus the skills of the IT personnel should be much higher in this case.

Q19.

Do you need transparency of the solutions you provide?

Nowadays the citizens highly rate their right to privacy and a choice of open source seems to be natural for public institutions that would like to retain transparency of their procedures. Customers often would like to

(18)

Q09.

What kind of services/applications do you use?

Public clouds usually offer a standardized set of services (email, CRM, database, etc.). As such solutions provide poor customization possibilities, institutions with specific requirements should rather use private or community clouds that could be well “tailored” to their particular needs.

Q10.

How sensitive are the data you manage? Does privacy

really matter in your institution? Are any legal (regulatory)

aspects that prevent you from storing/computing your data

outside your country and/or your institutions premises?

Procedures related to data handling in public institutions are often subject to the regulations that determine whether the data can be migrated to a public cloud, or they should be processed and stored within the institutions’ data centers. Institutions with very strict requirements concerning privacy (like e.g. Police) that process very sensitive data are even more so not allowed to use public clouds for their purposes. Besides, some institutions publish all of their data

have precise knowledge of how their data are handled. The publicly available open source software could be analyzed and checked to verify whether it contains any “suspicious” functionality or not.

Q20.

Do you need fast and responsive support?

If the business model of an institution requires high availability of the services or the institution runs critical services, then support for the cloud infrastructure becomes necessary. Commercial clouds provide support for their customers. Support for open source cloud middle-ware may be available as an additional, paid service, or it may be offered by third-party companies. As open source software is usually supported in a voluntarily fashion, there is no guarantee that critical errors will be fixed in a timely manner.

In any case, signing a service-level agreement (SLA) with the cloud provider should clarify matters such as data access, security, services, support etc. Through the SLA it should also be clearly clarified what happens in the case of service failure, network failure, cloud provider going out of business etc.

(19)

anyway, e.g. to ensure transparency of processes, and therefore they can use public clouds. An intermediate solution is possible by using data encryption. Entities that are allowed to store data remotely, but are still concerned about privacy of their data, can encrypt them on their side and store them remotely exclusively in the encrypted form.

Q11.

What is the required network and application

perfor-mance?

Q12.

Do your institutions’ IT staff have deep

knowledge/re-sources to maintain in-house infrastructure?

Creating, setting-up, maintaining and upgrading the in-house infra-structure of a private cloud require deep knowledge from the institu-tion’s IT staff, and could further consume a significant amount of manpower. Since no local infrastructure is needed for using public cloud resources (thus alleviating from all overhead related to maintenance), the IT personnel could focus on the institution’s operational issues. Setup of an in-house infrastructure also requires special facilities (e.g. server room, air-condition, power), which induce significant costs.

4.

Illustrative

use cases

4.1 /

PROFILE

A

4.

Illustrative

use cases

4.1 /

PROFILE

A

(20)

Q13.

Is your institution independent or does it belong to a

bigger structure? Are any collaboration possibilities required?

Q14.

Does your budget allow for covering input costs of

building and/or upgrading the IT infrastructure of your institution?

The initial costs of building a private cloud are usually very high. Some-times, the amount of money needed to create (or upgrade) the IT infra-structure exceeds the institution budget. The solution here could be paying periodically a smaller price for renting resources from a public cloud.

(21)

Q15.

Do you have a limited budget that doesn’t allow you to

buy commercial licenses?

The financial factor has been already discussed previously. Creating an IT infrastructure to build a private cloud requires spending substa- ntial financial resources needed for both, hardware and software. The cost of software could be, however, reduced by adopting and utilizing open source solution.

Q16.

Do you have a limited budget that doesn’t allow you to

buy commercial licenses?

Commercial software usually offers limited configuration options, and the licenses usually prohibit any changes on the source code. In contrast, the inherent public availability of open source software allows a skilled IT team to tailor the software to specific institution needs.

4.1.1 /

Institution profile

The institution’s general characteristics are:

• Financial guarantees from t=he government to ensure operational abilities

• Very specific demands concerning data security/privacy • A number of “tailored” software divided into several

groups of applications • Skilled IT staff

• Average (or low) knowledge of IT technologies among institution members

• Demands of high availability, good quality of services and reliable support

• A stable load of utilized IT systems

4.1.2 /

Suggestions concerning

cloud adoption

The institution size and specific character would prevent it from taking advantage of many cloud features like sharing resources, outsourcing of services, etc. The economic aspects are not critical in this case. The measured load of IT systems is rather stable, so infrastructure is not oversized. Thus, the migration of services to cloud is not a “must” but utilization of clouds could bring many advantages anyway, so cloud adoption should be a next milestone on the institution roadmap.

(22)

Q17.

What is the required network and application

perfor-mance?

Most proprietary software implement own vendors standards, and therefore, once adopted, services cannot be easily moved to other cloud-ecosystems. Even if an offer by a competitive vendor is more attractive, the cost of migration usually exceeds any potential benefits. Open source solutions, on the other hand, are mostly designed using open standards, and hence allow for easy building of an environment from interoperating components coming from various vendors. The migration process is also facilitated by this fact.

Q18.

What is the required network and application

perfor-mance?

Vendors of commercial software usually offer to customers extended support (help-desk, info-line, etc.). Such services are extremely helpful to IT staff in case of any problem related to software installa-tion, configuration or maintenance. Still, they come with a price. The proprietary software is usually quite expensive because its cost covers also the expenses of user support. Open source software could be used (in most cases) for free, but with limited support. Thus the skills of the IT personnel should be much higher in this case.

Q19.

Do you need transparency of the solutions you provide?

Nowadays the citizens highly rate their right to privacy and a choice of open source seems to be natural for public institutions that would like to retain transparency of their procedures. Customers often would like to

Due to the institution’s specific characteristics, a Platform-as-a-Ser-vice (PaaS) model should be deployed. Institution members could be divided into several groups provided with ready-to-use system images that contain preinstalled applications. The heterogeneity of operating systems required by applications makes an “application on demand” (Software-as-a-Service, abbrev. SaaS) model much harder to adopt. Because of the specific nature of the institution, the majority of utilized services could be migrated only to a private cloud to ensure the proper level of security of data handled, and a high availability of critical services.

The request for high availability of services, and demands for software certification as well as for fast and responsive support suggests the

utilization of commercial products; however open models could be also used (though with many restrictions).

(23)

have precise knowledge of how their data are handled. The publicly available open source software could be analyzed and checked to verify whether it contains any “suspicious” functionality or not.

Q20.

Do you need fast and responsive support?

If the business model of an institution requires high availability of the services or the institution runs critical services, then support for the cloud infrastructure becomes necessary. Commercial clouds provide support for their customers. Support for open source cloud middle-ware may be available as an additional, paid service, or it may be offered by third-party companies. As open source software is usually supported in a voluntarily fashion, there is no guarantee that critical errors will be fixed in a timely manner.

In any case, signing a service-level agreement (SLA) with the cloud provider should clarify matters such as data access, security, services, support etc. Through the SLA it should also be clearly clarified what happens in the case of service failure, network failure, cloud provider going out of business etc.

4.

Illustrative

use cases

4.2 /

(24)

PROFILE B:

A MEDIUM SIZE

EDUCATIONAL INSTITUTION,

HANDLING BOTH SENSITIVE

AND PUBLIC AVAILABLE

DATA, WITH LIMITED

BUDGET AND FLUCTUANT

LOAD OF IT SYSTEMS

TYPICAL EXAMPLES:

UNIVERSITY, RESEARCH

INSTITUTION, ETC.

(25)

4.2.1 /

Institution profile

• Limited financial resources that could be spent on IT • Processing a combination of sensitive data (e.g. employee

and student records, research data), as well as publicly available data (e.g. news, timetables, tender

announcements, science papers)

• Utilization of a small number of applications by administrative staff and a number of various software by others (students and researchers)

• Good competences of the IT department staff • Average knowledge of IT technologies among the

institution members

• A volatile level of IT systems utilization (form very low load, e.g. during holidays, to overload, e.g. during exam sessions)

• Resources could be shared with similar and/or partner institutions

4.2.2 /

Suggestions concerning

cloud adoption

The institution features are evident of its capability to adopt cloud technologies. Migration of the services to the cloud and sharing of

(26)

• Financial guarantees from t=he government to ensure operational abilities

• Very specific demands concerning data security/privacy • A number of “tailored” software divided into several

groups of applications • Skilled IT staff

• Average (or low) knowledge of IT technologies among institution members

• Demands of high availability, good quality of services and reliable support

• A stable load of utilized IT systems

4.1.2 /

Suggestions concerning

cloud adoption

The institution size and specific character would prevent it from taking advantage of many cloud features like sharing resources, outsourcing of services, etc. The economic aspects are not critical in this case. The measured load of IT systems is rather stable, so infrastructure is not oversized. Thus, the migration of services to cloud is not a “must” but utilization of clouds could bring many advantages anyway, so cloud adoption should be a next milestone on the institution roadmap.

some services with other institutions could bring about financial bene-fits, reduce the resources spent on IT infrastructure maintenance, and allow for better handling of periodical flood of requests.

Because of the heterogeneity of the data being processed by the institution, a hybrid cloud model seems to be the most appropriate solution. Within a private cloud, sensitive data could be effectively and securely stored, while a public cloud could be used for maintaining and processing the institution’s publicly available data. The public cloud could serve also as a “reservoir” of a computational power that could be easily utilized (renting extra resources) in case of demand overflow. A well-defined set of applications could be provided using the SaaS model to administrative staff. Due to wide spectrum of software used by students and researchers, they could leverage on demand virtual machines by utilizing the IaaS or PaaS models. While the institution’s ERP applications are critical, the majority of the software being used within the institution could be an open source solution.

(27)

Due to the institution’s specific characteristics, a Platform-as-a-Ser-vice (PaaS) model should be deployed. Institution members could be divided into several groups provided with ready-to-use system images that contain preinstalled applications. The heterogeneity of operating systems required by applications makes an “application on demand” (Software-as-a-Service, abbrev. SaaS) model much harder to adopt. Because of the specific nature of the institution, the majority of utilized services could be migrated only to a private cloud to ensure the proper level of security of data handled, and a high availability of critical services.

The request for high availability of services, and demands for software certification as well as for fast and responsive support suggests the

utilization of commercial products; however open models could be also used (though with many restrictions).

institution members

4.1.2 /

Suggestions concerning

cloud adoption

The institution features are evident of its capability to adopt cloud technologies. Migration of the services to the cloud and sharing of some services with other institutions could bring about financial bene-fits, reduce the resources spent on IT infrastructure maintenance, and allow for better handling of periodical flood of requests.

4.

Illustrative

use cases

4.3 /

(28)

PROFILE C:

A SMALL PUBLIC INSTITUTION

WITH LIMITED BUDGET AND NO

SPECIFIC DEMANDS ON

PRIVA-CY OF ITS DATA, OR EXCESSIVE

REQUIREMENTS ON IT SYSTEMS

PERFORMANCE. TYPICAL

EXAMPLES INCLUDE SCHOOLS,

SMALL CULTURAL

INSTITUTIONS, ETC.

(29)

4.3.1 /

Institution profile

The institution’s general characteristics are: • Very limited financial resources

• Application and services that currently run on desktop computers

• Processing of public data (e.g. web pages, news, timetables) • Only a small number of applications are

used (office applications, web servers) • No dedicated IT staff, volunteers with

moderate knowledge of IT technologies

• IT technologies unawareness among institution members • No special demands on the network

throughout and performance of IT systems

4.3.2 /

Suggestions concerning

cloud adoption

A cloud adoption could bring about many benefits to such small institu-tions that cannot afford their own IT infrastructure or dedicated IT staff. Usage of external resources is often the only possibility to use and/or provide services in such cases.

As the institution does not have enough financial resources to cover the initial investment for building in-house infrastructure, the usage of

(30)

institution members

4.2.2 /

Suggestions concerning

cloud adoption

The institution features are evident of its capability to adopt cloud technologies. Migration of the services to the cloud and sharing of

a public cloud seems to be the only choice. Because of the limited number of applications being used, the institution could build its own set of applications on demand (SaaS model), choosing from a wide spectrum of cloud providers, including the biggest ones as Amazon, Google, Microsoft, etc., as well as providers of more specific applica-tions (e.g. digital school register). SLAs with such providers usually include also support services, which are particularly important when an institution has no skilled IT staff. Where possible, the use of open

source software could allow for further reduction of expenses. Finally, the institution owner (e.g. a ministry or local government) can prepare additional cloud-based applications and share them with a set of other similar institutions.

(31)

[4]

HOW CAN I FIND OUT MORE INFORMATION ON THESE MATTERS?

FOR MORE

INFORMATION

YOU CAN

VISIT THE EUROPEAN COMMISSION

DEDICATED WEBSITES:

ON CLOUD COMPUTING:

http://ec.europa.eu/digital-agenda/en/telecoms-and- internet/cloud-computing

ON SLAs:

http://ec.europa.eu/digital-agenda/en/news/cloud-service-level-agreement-standardisation-guidelines

OR SIMPLY VISIT THE SUCRE

PROJECT WEBSITE:

THE DEDICATED CLOUD IN THE

PUBLIC ADMINISTRATION SECTION:

http://sucreproject.eu/news-public-administration

THE SUCRE VIDEO ABOUT

CLOUD ADOPTION IN THE PUBLIC SECTOR:

http://sucreproject.eu/videos

Design: aP

anicRoom.com • Additional graphics: made by Freepik.com

A

SUCRE PROJECT

PUBLICATION / 2014

[email protected] www.sucreproject.eu

(32)

institution members

4.1.2 /

Suggestions concerning

cloud adoption

The institution features are evident of its capability to adopt cloud technologies. Migration of the services to the cloud and sharing of some services with other institutions could bring about financial bene-fits, reduce the resources spent on IT infrastructure maintenance, and allow for better handling of periodical flood of requests.

HELLENIC REPUBLIC

National and Kapodistrian University of Athens