The objective of this study was to analyse the current national initiatives for the deployment of clouds in the public sector in ten Member States, to identify and describe best practice use cases and to propose pilots for those application areas where current cloud take-up is absent or however limited.
So far, in the 10 Member States covered by the study (Austria, Belgium, Denmark, France, Germany, Italy, the Netherlands, Portugal, Spain, the United Kingdom), the deployment of cloud in the public sector (at the national level) is at a very early stage.
The Member States have taken very different approaches regarding cloud in terms of applications covered (citizen-type, employee-type, vertical, critical, sensitive), type of infrastructure (public cloud versus private cloud), relationships with e-government applications (development from scratch or just migration of existing applications), or global policy.
These approaches can be clustered into 3 main emerging models (with their own best practices) that are presented below. They differentiate mainly in the nature of the infrastructure and the level of centralisation, implying the search for a trade-off between level of control (to ensure better technical performances or security, especially when sharing data) and short-term savings.
First model: Procurement and Marketplace
The first major emerging model for cloud has a focus on the procurement of cloud solutions. Generally it consists in a procurement framework to allow easier purchase of cloud solutions and a marketplace (like Apple App Store). This model is already operational in the UK (with G-Cloud and the CloudStore), clearly considered a flagship initiative by other Member States. It is under development in Portugal and partly also in the Netherlands (in this case covering only the marketplace, not the procurement component), in both countries planned to be launched in 2014, and also some other Member States have considered this approach.
The model takes a very broad approach, covering all types of cloud applications. However, the procurement framework generally includes some restrictions (especially regarding security levels), thus limiting the possibility to develop sensitive or critical applications. Most of the applications that are purchased through such a framework are, indeed, limited in terms of features (generally horizontal applications which could be adopted by the private sector), because it is harder to have tailor-made solutions. Technical requirements associated with applications in this model are therefore more limited than in other models.
The underlying strategic concept is to focus on cost savings and improvement of the local economy through a better involvement of local cloud suppliers. The general philosophy is to turn to the market in order to achieve more cost savings, by means of external providers’ applications and even infrastructure (public cloud is indeed the main model). Efficiency is achieved through standardised processes and procedures with cross administration accreditations; it is also easier to monitor in terms of actual adoption and savings targets.
The main issue associated with that model (which stopped some Member States to adopt it) is that the establishment of a procurement framework is a long process. It also needs to be repeated at regular intervals in order to comply with the general public procurement framework, which is not flexible enough to accommodate with cloud in general and the business practices of many cloud providers in particular. Another issue is that this model does not encourage sufficiently administrations to cooperate and to break the traditional silo effect.
Second model: Resource Pooling
The second major emerging model involves resource pooling across administrations through a common central infrastructure and/or platform in order to deploy cloud computing. This model is already operational in Spain with numerous applications around the Sara Network and is currently in deployment in France (DILA, pilot), Belgium (Fedict) and the Netherlands (also a partly adopter of the first model). Spain is clearly the most advanced country for this model, but its developments are not really known by other countries. Some other countries could also qualify for this model (Germany with the R&D project GoBerlin, Austria with its IaaS pilots), but their projects do not have really yet the same breadth in terms of scope and ambitions.
The main idea is to get the infrastructure right first around a private cloud, which potentially allows for more developments of critical or sensitive applications. However, in reality, initiatives focus so far on IaaS solutions rather than applications. And even Spain has rolled out mostly horizontal applications (i.e. solutions addressing citizens and/or employees that are not very specific with any administration like collaboration tools or information portals). While having obviously in mind potential cost savings, most Member States involved around this model are testing the cloud technologies through their infrastructure initiatives. This leads to advanced requirements compared to the first model for scalability (with even network performances issues), reliability (though SLAs) and security.
The drawbacks of this model are the natural consequences of the centralization approach. The overall process is rather slow. Indeed, many technical issues related to the integration have to be solved before launching anything. In addition, the funding remains an issue for the central organization in charge, handling all of the upfront costs without a clear return, which can also contribute to a slow start. Finally, there is a higher risk of lock-in with this model if the infrastructure is handled by a third party.
Third model: Standalone applications
The third and last emerging model involves isolated standalone applications developed by Ministries on their own. There is no real central coordination in this model (even when a central policy does exist). This model is operational in Denmark and Italy and to a lesser extent in Germany and Austria (small projects like email), but also in France (Chorus) or in the UK (around NHS), in which advanced projects have been launched outside of the framework of the two first models.
The focus is generally on applications only, decided upon by the Ministries. In most of the cases, the effort is concentrated on the cloudification of existing applications (especially for horizontal solutions). Those applications may be already quite advanced in terms of features, often implying advanced requirements and need for back-up systems. The cloud adoption for these applications is clearly driven by cost savings objectives. The investments required are generally quite limited, as there is no need to start from scratch. The projects are only launched when return on investment and potential of scalability have been identified.
This model is very pragmatic and allows for faster development, at least in the short term. This is indeed the model with the most running projects so far. The effort remains moderate, thanks to previous investments and previous technical studies to tackle the main non-cloud issues. This allows also concentrating most of the efforts on the cloud migration and its specific problems (security, legal issues).
The main issue with this approach is the lack of visibility of such initiatives (as there is no global approach), which could limit the level of usage. This model also does not encourage any cooperation between administrations.
Bonneau, V., Mahieu, B., Dudenbostel, T., Gaudemer, J., Giarracca, F., Good, B., Poel, M., Ramahandry, T., Van Til, J. (2013) Analysis of cloud best practices and pilots for the public sector, Study prepared for the European Commission DG Communications Networks, Content and Technology, Digiworld by IDATE and Technopolis [group] DOI: 10.2759/35653