Welcome to the marketplace! Have you noticed how much that term is getting used nowadays? Before the rise of the World Wide Web, the idea of a marketplace was usually that of a physical, brick-and-mortar location, but it could incorporate any open square or place where we as consumers would go to purchase goods and services. Now that the Web has the ability to reach most people on planet Earth, the concept of a marketplace has expanded. Via physical to virtual (P2V) transformation, the marketplace has grown far beyond malls and markets, to the point that we as consumers literally have the world at our fingertips.
The Global Virtual Marketplace
This virtual marketplace has changed the way companies do business and compete for their place in the global market. For the most part, the expansion of the marketplace to the Web and clouds has been a positive thing, but there are times when the marketplace can fail, and fail in a big way. That usually happens when some person or entity works to try to control the marketplace.
One of the most significant examples of marketplace crash and burn would be the disastrous deployment and general availability of the Health Insurance Marketplace here in the United States. This disaster may end up being a required computer science class on how not to develop and deploy an online application, but I digress. The one real point that I want to make about the Health Insurance Marketplace rollout was that it was government controlled and managed, with no real marketplace competition or bids for the technology contracts. Well, it seems the British have developed a fix for that with their CloudStore for the G-Cloud.
The British government has made a solid effort, in an attempt to control IT spending costs, to adapt and embrace the march to the cloud. The concept is really simple in that all government and public sector entities would utilize CloudStore, via the G-Cloud framework, as the online marketplace for all cloud services. This framework is a general term for agreements with suppliers that simply spell out conditions under which government purchases can be made throughout the term of the agreement, whereas the agency will only pay for services as they use them in a service-on-demand type of setup.
The online catalogue, or CloudStore, contains all the details on the different services that are available, which include all the standard types of cloud services that we all know and love:
- Infrastructure as a Service (IaaS)
- Platform as a Service (PaaS)
- Software as a Service (SaaS)
- Specialist Cloud Services (SCS).
By standardizing the technology services available across the public sector and pushing the technology and government services from physical servers to the cloud, the British government believes it can save between twenty and forty percent of its overall IT budget.
It appears to me that the cost savings are the biggest factor in the push to the cloud; however, as with the Health Insurance Marketplace, the issue of security becomes one of my first questions. Kate Craig-Wood, cofounder and managing director of the cloud hosting firm Memset, has insisted that a move to the cloud would mean improved security right off the bat, in that individuals could not download and burn data to a CD and leave it on a train. I am not quite sure I would have used that as an example, but she did go on to say that services would be classified and then run on clusters according to “impact levels,” such that low-security projects and services would be hosted on public clouds and confidential data would be hosted in a separate secure government cloud.
I really like and agree with the concept of a true government marketplace as an attempt to have a central location in which to shop for technology and cloud services. The overall savings in IT spending is enough reason to make this push, when public sector agencies are looking to control and cut back on spending. However, I am going to question the security around the entire system and at all endpoints and entries. Most government agencies will be connected in one way or another. Using the Target breach as an example, not all endpoints are as secure as they should be, nor are they monitored as heavily as the front doors. And the results of a breach can be devastating. Can you imagine the public reaction if the Health Insurance Marketplace or the G-Cloud were breached? That could alter the public perception of the cloud in such a bad way that the cloud might not ever be the same again.