Government Cloud On-Ramping

Legacy systems are both unreliable and expensive, with the cloud offering many benefits in flexibility, agility and cost reduction. Despite High Assurance Software Defined Wide Area Network  (SD-WAN) frameworks now being generally available, an estimated 80% of UK government departments are still failing to make the move, with their cloud strategies on hold.

The UK Treasury is becoming increasingly frustrated by the billions of pounds wasted by government departments on legacy technology and proprietary infrastructure. With Digital Transformation now imperative, there is little patience for the endemic delays in decision making that are adding untenable costs to a government that simply has no more resources.

Why are departments still spending £millions every month on expensive proprietary connectivity when the tried, tested and proven SD-WAN alternative costs just a fraction? How can departments justify the use of outdated legacy systems that demand huge expenditure just to keep up and running when reliable, lower cost cloud-based alternatives are so accessible?

With the High Assurance SD-WAN framework now generally available, there are no more excuses. Digital Transformation must progress, quickly.

Weak Excuses

Digital Transformation is now vital for government departments. After two years of pandemic delayed projects and facing unprecedented financial pressures, there is zero tolerance for excuses. Not only are legacy systems both unreliable and expensive, but the cloud offers many benefits in flexibility, agility and cost reduction. And yet, an estimated 80% of UK government departments are still failing to make the move, with their cloud strategies on hold.

So what’s going on? Many departments have clearly defined Digital Transformation roadmaps; cloud providers have been selected - often more than one to provide resilience and contingency; and application migration plans have been defined. The one remaining sticking point is data security - most notably, the safeguarding of data in transit between the on site systems and the cloud. 

With departments typically opting for a hybrid environment during the incremental Digital Transformation process, rather than a wholesale move to the cloud, it is clearly important to extend the data security posture between the current environment and the cloud. Furthermore, there is no argument that Government departments have stringent data security requirements - much of the data is highly sensitive. Compromising security due to the impact on network performance is, clearly, not a viable option - or for those organisations who have chosen that route, an extremely high risk alternative, particularly given increasingly concerning geopolitical circumstances.
Claims that the use of low cost SD-WANs to provide the vital link to the cloud are inherently lacking in the security required to safeguard sensitive data, however, are out of date.

Yes, SD-WANs use public infrastructure, but the Common Criteria accredited High Assurance SD-WAN framework that couples a High Assurance security overlay with market leading SD-WAN technologies, is proven and being used by governments and organisations across the world to safely accelerate Digital Transformation plans.

Security Stand-Off

The only beneficiaries of this endemic decision-making paralysis are technology vendors and service providers raking in £millions every month to support and maintain outdated, often inadequate, technology. Given the huge cost differential between legacy and cloud-based solutions, the biggest risk now facing UK government is that individuals tasked with achieving Digital Transformation and radically reducing IT spend will feel compelled to simply ignore data security issues. 

With a desire to achieve a stable, effective and scalable technology infrastructure, it is a hugely frustrating situation for IT and network teams – not to mention those with budgetary sign off. While the risks associated with failing to consider the security implications are profoundly serious, there is no more money: unless this stand-off is addressed, everyone involved stands to lose.

Security must be at the heart of any Digital Transformation journey – and that requires a shift towards a Zero Trust mindset.

It means stepping away from the concept of a trusted environment and a focus on securing the data irrespective of its location. This is where High Assurance SD-WAN frameworks change the game, using crypto-segmentation to protect and ensure the integrity of sensitive data - without any impact on network performance.

Accelerating Change

With this Zero Trust approach, a High Assurance SD-WAN overlay makes the underlying network infrastructure irrelevant, whether it is public or private, trusted or untrusted. The data security team simply needs to define the policy and, with ownership of the cryptography keys, can be confident that data is protected at all times wherever it goes. 

The model is akin to the transfer of gold or cash between banks. Security at each bank is established and accepted – it is the movement between the banks that raises concerns. The use of a secured armoured vehicle is reinforced by locking the gold away in a secure environment using keys that only the bank – not the guards – have access to. Similarly with crypto-segmentation, even if the data is compromised in transit, the only people who have access to the keys are the owners of the data: no one else can do anything with that data. Irrespective of where that data is travelling, it is protected.

For government departments the High Assurance approach to SD WAN enables the secure utilisation of low-cost SD-WAN connectivity, which is a huge financial incentive. Furthermore, there are no constraints on network redesign; no barriers to the types of data or applications that can be migrated to the cloud, which ensures both operational agility and a consistent data security posture that can evolve throughout the Digital Transformation journey, from on premise, through hybrid, to the cloud. This means Digital Transformation plans can be accelerated and departments can quickly realise economies of scale. 

Conclusion

Delaying Digital Transformation is creating unacceptable risk and incurring unacceptable costs. Every postponed decision compromises progress and leaves government departments at the mercy of vendors who are continuously inflating maintenance and support charges. The transformation away from legacy to current technology is an absolute must – a fact clearly recognised by government department heads who are having to explain, under fire, why they are continuing to spend Treasury money on outdated IT projects.

Right now, most decision making committees are using the concept of data risk as an excuse for not progressing Digital Transformation. But any claim that plans cannot move forward due to regulatory compliance or internal controls are no longer true – that risk argument has been addressed and resolved.

The benefits of the Digital Transformation are indisputable, from systems stability to hugely significant cost savings: so just what is the excuse for continued mis-spend of public money and failure to follow well established routes to the cloud? 

Paul German is CEO at Certes Networks

You Might Also Read: 

Three Vital Concerns For Companies Running Hybrid Cloud Environments:

 

« Cyber Attacks On Ukraine Are Increasing
Lapsus$ Hackers Targeted T-Mobile »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CIO

CIO

CIO provides technology and business leaders with insight and analysis on information technology trends

Microsoft Security

Microsoft Security

Microsoft Security helps protect people and data against cyberthreats to give you peace of mind. Safeguard your people, data, and infrastructure.

ID Quantique (IDQ)

ID Quantique (IDQ)

ID Quantique is a world leader in quantum-safe crypto solutions, designed to protect data for the long-term future.

Ingalls Information Security

Ingalls Information Security

Ingalls Information Security provides network security, monitoring and forensics.

Applied Security (APSEC)

Applied Security (APSEC)

APSEC provides products and services in the areas of encryption, digital signature, authentication and data loss prevention.

Metro Systems

Metro Systems

Metro Systems offer fully integrated IT solutions & services covering Digital Transformation, Digital Infrastructure, Cyber Security and Training.

Kapalya

Kapalya

Kapalya empowers businesses and their employees to securely store sensitive files at-rest and in-transit across multiple platforms through a user-friendly desktop and mobile application.

S4x Events

S4x Events

S4x are the most advanced and largest ICS cyber security events in the world.

Pinpoint Search Group

Pinpoint Search Group

Pinpoint Search Group's recruiters specialize in Information Management, Cyber Security, Cloud and Robotic Process Automation (RPA).

CyberCube

CyberCube

CyberCube provide world-leading cyber risk analytics for the cyber insurance market.

Open Quantum Safe (OQS)

Open Quantum Safe (OQS)

The Open Quantum Safe (OQS) project is an open-source project that aims to support the development and prototyping of quantum-resistant cryptography.

Air IT

Air IT

Air IT are a responsive, client-focused and award-winning Managed Service Provider, helping clients achieve success and transformation through their IT and communications.

Cyber Chasse

Cyber Chasse

Cyber Chasse is an IT consulting and staffing company offering a full range of cybersecurity solutions, contract staffing services and online training courses.

Grindstone Ventures

Grindstone Ventures

Grindstone Ventures is a post-seed fund that supports post-seed equity and quasi-equity investments in early-stage innovation-driven and/or technology companies.

HashDit

HashDit

HashDit products and services focus on helping build a safe ecosystem for both protocol users and smart contract developers on BNB Chain.

ACDS (Advanced Cyber Defence Systems)

ACDS (Advanced Cyber Defence Systems)

ACDS was founded in the belief that cyber security can be done better. We’re combining emerging technologies and proven methods to bring a new approach to tackling the growing threat landscape.