A few weeks ago I got to attend Alfresco’s Content.gov in one of my favorite US cities, Washington DC. Having lived near the city for six months a few years ago, it really felt like a different place when talking to old friends and customers about what was happening to the government sector right now. We talked about sequestration, the furlough and budget squeezes that were having an impact across all the government agencies. This situation is not too dissimilar from the challenges faced by the UK government everyday too.
So the key question several people I met posed was this – with all the cuts going on in government, how can agencies and departments deliver more with less?
My inevitable answer was cloud. Cloud enables IT departments to shift their resources from spending 80% of the budget (the average today) from simply running and maintaing existing systems and infrastructure, towards spending smaller budgets on delivering new solutions and innovations instead. And it seems the current administration agrees with a directive to push agencies towards open-source and cloud solutions to benefit from these cost savings.
While the cloud provides many benefits, in addition to the cost savings, there are several challenges government agencies need to address before adopting a scalable cloud solutions:
- First and foremost is compliance. While there is a push towards cloud, cloud solutions must be FISMA compliant and depending on the data being stored, potentially HIPPA along with a whole other range of compliance certifications too
- Closely tied to compliance is security. While a lot of Government data is publicly accessible, there are huge amounts of data which aren’t and need to be kept top secret and out of the hands of hackers. With the recent Wikileaks postings and increased foreign activity in cyber espionage, this concern is very real.
- And finally, like many large organizations, integration. Being able to customize cloud solutions to their individual requirements, are still important, to get the most benefit out of the solution.
So how can government agencies adopt cloud while addressing these challenges?
Enter Open-Source Hybrid ECM
With the current state of security, compliance and integration challenges within the public sector, cloud-only solutions cannot meet all the needs of agencies and their constituents while on-premise cannot open up content to new use cases such as easy external collaboration, mobile devices and sharing data with other cloud services. It iss clear a new solution is needed that delivers the control and compliance of on-premise with the agility and cost savings of cloud. We call it Hybrid enterprise content management (ECM).
Using our powerful open source on premise Enterprise solution for ECM, you can easily synchronise content to Alfresco in the cloud, to enable new use cases and architectures for managing your content both inside and outside the firewall all while benefiting from the cost savings of open source and cloud compared to the more traditional ECM solutions out there.
The Key is Content Classification
By understanding the classification of your content, you can decide what needs to stay under your control on-premise and what can go into the cloud. Many agencies generally categorize their content into three broad categories:
- Public - This is content that is publicly available and does not need to be secured. For example this could be articles, web content or policies that have been published to the public. This should be able to go into the cloud without any issues.
- Confidential – This is internal content like day-to-day office documents that agency workers create and share to do their jobs. The content is confidential, but if the content was leaked, it would not have a harmful impact on the agency. Most of this content should be okay to go into a secured cloud, but certain pieces of content may need to be kept on premise if it relates to more confidential information.
- Top Secret/Restricted – This is the highly restricted and top secret information that should never be out of the control of the agency and would be harmful if ever leaked. Think security briefings and intelligence dossiers. These still need to be managed and accessible, but cannot be put into a third party cloud service.