If your college or university was beginning anew, chances are that an on-premise data center would not be in the campus infrastructure plans (assuming there actually was a physical campus). IT would be outsourced, just as maintenance, grounds, food and security services would be. Scholarly excellence enabled by financial stability would guide the apportionment of resources and command the administration’s focus, with all other non-core operations left to others who specialize in those service areas.
But, take heart. For you, the IT professional serving higher education, there is Infrastructure as a Service (IaaS). This is the fastest growing segment of the cloud services industry. It has all the features and benefits that people list when they speak of the advantages of cloud computing systems and storage. Key among them is the fact that the cloud service provider (CSP) owns, manages and staffs the infrastructure. It is cost effective, highly scalable, highly available, flexible and secure.
You already have a data center? So did Spalding University. The data center on its 80-year-old, 6-acre campus was bulging at the seams. It was unable to accommodate or, more importantly, help create growth and new programs. For all intents and purposes, Spalding U has a data center no more, having fully adopted the IaaS cloud model. The IT department now devotes more attention to the business of educating instead of the operations of an IT infrastructure.
The value of IaaS is the ability to get out from under the burdens of IT management and operations in order to focus on higher-value business opportunities using IT as a tool box. Let’s kick-start that worthy goal by exploring how it’s done in terms of programs of study.
Servers, storage and networking represent a big portion of the IT budget. Most of the money, typically around 70% or more, is spent on maintenance work, maintaining status quo, keeping the lights on. That leaves little time or money for new program development, installing and learning new technologies, or contributing to the business end of education. It is a cost, not a profit center. New equipment is a capital expense, not an operating expense. All this places IT in a compromising position, especially when called upon to support mobile and social media programs and applications, which are so important to today’s students.
Moving workloads to the cloud infrastructure relieves internal IT staff of those responsibilities and pressures. It provides access to the most current technologies available, with certified technicians and engineers on the job 24/7. Because IaaS is a shared infrastructure (redundant power, cooling, network providers, servers and storage, etc.), it boasts economies of scale that would be impossible to accomplish on premise.
Discussions of cloud computing invariably lead to questions about security, which then leads to regulatory compliance. Can a CSP be trusted to protect the personal information of our students – financial aid, health, social security numbers, or academic record, to mention a few? How about the research being conducted in our labs and the university’s financial data? The answer is that it depends on the provider.
By law, much of this data must remain within U.S.; it cannot travel or be stored outside our borders. Government funded research is also subject to strict rules – security and export rules. Large public cloud providers may have a difficult time telling you where your data is stored, which could be anywhere in the world.
Sensitive data also must be protected from hackers. Many institutions worry as much, if not more about cyber-attacks coming from their own employees than from malicious outsiders. Regardless, colleges are prime targets for incessant attacks on their security perimeters. The recent headline in The Chronicle of Higher Education regarding the University of Maryland says it all: Data Breaches Put a Dent in Colleges’ Finances as Well as Reputations.
Some IaaS providers know the ropes. A security- and compliance-minded provider submits to annual independent auditing under the SSAE 16 , ISAE 3402 and AT-101 audit standards. Compliance with the Payment Card Industry Data Security Standard (PCI-DSS) and the Health Insurance Portability and Accountability Act (HIPAA/HITECH), and self-certification under the EU Safe Harbor Directive show that the CSP has taken initiative to serve customers subject to strict security standards.
Aside from jurisdictional issues pertaining to data processing and storage, doing business with an IaaS provider that is local means you have ready access to technical assistance, knowledgeable resources for strategic planning, and your data center close at hand for reviews, check-ups, and continual re-evaluation.
A local provider with additional geographically dispersed data centers is a big advantaged when it comes to data backup, business continuity and disaster recovery planning; jurisdictional issues still apply. A CSP that owns, operates and maintains its own IT and cloud infrastructure is generally preferable to one that does not. That’s a provider in control of its own destiny and that of its customers. The same applies to a reseller’s IaaS services provider. Transparency may be even more important when an intermediary is involved, and the reseller should be proud of who it provisions its services from.
Human Resource Management
Finding and retaining enough IT talent is a challenge for most everyone. That’s particularly true for many colleges, which tend to have smaller budgets than other commercial businesses do. At the current velocity of technology advancement, product development, and new computing models, keeping skills sharp and current is equally challenging.
Leading CSPs attract people with excellent technical skills because of the challenging environment in which they work; this is their business, not a business-support function. They will seek out people with current software, hardware and network certifications and ensure their credentials remain current. CSPs with a commitment to security and compliance will have people devoted to keeping up with regulations and laws, and ensuring that their infrastructure remains in constant compliance.
Again, this is their business. Economies of scale are at work here, as well. Having two or more Cisco certified network professionals on staff is easily amortized. A CSP’s customers are looking to the future and it’s up to the provider to have the resources that can take them there.
Many new technologies arrive on campuses very early in the adoption cycle. They arrive there with each new incoming class. Students don’t want to use these tools; they expect to use these tools.
The traditional IT model leaves little time, money or talent to leverage IT in order to create new products, services and programs. IT is too wrapped up with ‘keeping the lights on’ to help with marketing the university, with the social media programs that draw in new students and keep current students involved, or with distance learning or outreach to underserved communities. Consequently, IT continues to be viewed as a support function and a cost center, rather than an enabler and profit center.
IaaS is no panacea. But it can be the start of transforming not only how IT gets done, but how IT professionals on campus actively contribute to the vitality of campus life and the success of the institution.