Data centre decisions for government
By Jonathan Nally
Monday, 03 April, 2017
While governments share many of the same sort of data centre concerns with the private sector, there are some public sector challenges that need addressing.
Choosing the right data centre (DC) strategy can be one of the biggest IT decisions a government department or agency will make. Public, private or hybrid; spinning disk or flash; software defined or not — these and other selections (such as addressing security concerns) must be gotten right from the beginning, or endless years of headaches will follow. Fortunately, there are solid guidelines to follow and commercially available solutions that address pretty much every concern a department or agency might have.
To get an insight into the pros and cons of some of the particular nuances of public sector data centre operations, we spoke with one of Australia’s foremost experts on the topic, Matthew Kates, country manager at Zerto Australia and New Zealand.
GTR: What data centre requirements do (or should) governments set that are different to those of private sector customers?
MK: The first and most important requirement for public sector data centres is the security clearance levels to which many government organisations must adhere. Government agencies and departments should always place security as the primary consideration, but it’s also vital to incorporate resiliency and uptime as important requirements. Government systems are not just internal; they can often be public facing or systems that supply critical information and services to citizens and businesses.
With new digital government services there is an expectation and demand for 24x7 availability so there is little tolerance for downtime. Everything from health records to automated payments can be affected by downtime, and the results can have far-reaching consequences in terms of costs. But we are also seeing greater risk to the reputation of government or their suppliers. So ensuring resiliency in the data centre can be an even greater need for government than their private centre counterparts.
GTR: How do you think Australian governments are doing with respect to implementing their data centre strategies?
MK: Government faces ongoing challenges when implementing data centre strategies that the private sector simply doesn’t need to consider. There are some elements of government systems that appear to be lagging behind the private sector, particularly in the more heavily regulated financial services industry.
The federal government has driven a consolidated approach to data centres over recent years following the Gershon review in 2008, and more recently we are seeing similar initiatives at the state level. While there is significant value in a decentralised decision structure and allowing each department and division to manage its own data, it does make it difficult to develop a broad national data centre strategy.
While public sector agencies are not necessarily bound by the same regulations as the private sector, they do have Australian National Audit Office (ANAO) best practice guidelines and the Australian Signals Directorate (ASD) Information Security Manual (ISM)… including the recently expanded Essential Eight recommendations, such as the requirement to have daily off-site backups of important information.
Current technology solutions offer dramatically reduced data loss from the 24 hours that could be lost with a daily backup regime. Systems and data can now be brought back in minutes within seconds of an outage or downtime occurring.
GTR: What are the pros and cons of edge computing for governments?
MK: Edge computing can offer many benefits, such as making users and teams agile, mobile and flexible. It does, however, increase exposure to security risks like hacking, particularly for those who operate in roles that have access to sensitive data.
GTR: What should governments do to ensure their DC solution is still able to deliver 5 years from now?
MK: Commercial scalability is important to consider when looking towards the future of your data centre solution provider. As the department or agency progresses, grows and changes, the services you provide will require the infrastructure and capability of a growing data centre. Looking toward the next few years, it would be prudent for governments to seek data centre solution providers that can provide hybrid cloud capability, allowing for agility, elasticity and scale. This should be true from both an infrastructure and commercial, or cost and billing perspective.
GTR: Is software-defined ‘everything’ the key to implementing a flexible strategy?
MK: Software is key to implementing a strategy that provides scale and elasticity. Moving intelligence to software gives you a level of flexibility that isn’t possible when it is held only on isolated physical assets. Yet government should not ignore hardware completely, as there are always advances in hardware technology. Software-defined replication and migration enables a mix of underlying hardware platforms to seamlessly allow applications to run and easily refresh the underlying hardware.
GTR: Spinning disk or flash memory — which is the best solution?
MK: It is less important to engage in the spinning disk and flash debate and more important to look at application performance needs and cost constraints. The performance required to drive vital apps will drive component choice.
Depending on the performance requirements of the software and underlying data, it may make sense in some instances to sweat older storage assets in an environment for the storage of infrequently used data. Some cases will still see a return on investment when taking into account the ongoing maintenance costs and the ability of the hardware provider to provide ongoing hardware support. This is where software that can manage applications and data across disparate hardware platforms can add considerable value.
GTR: Is open source networking and software the way to go for government DCs, or are they too risky?
MK: The very nature of government means there will always be areas of government IT that can never utilise open source due to sensitivity and security requirements. Many areas of government can benefit from open source networking and software, but security requirements mean that this should always be viewed on a case-by-case basis.
GTR: Finally, what are your top tips for implementing a successful data centre migration strategy?
MK: There are three key tips in implementing a successful data centre migration for government: protect, automate and test. Finding consistent ways to protect workloads before, during and after migration will decrease risk and increase flow. Testing is important throughout the process, so make sure you can test before you move data and test again to ensure it has arrived in the right state. Automating the migration regardless of infrastructure will make it more successful, reducing risk, time and costs.
86% of Australia's top organisations experienced at least one attempted cyber attack last...
Three-quarters of all Australian government agencies now manage their records digitally,...
The Commonwealth Ombudsman has published a report critical of the Department of Human...