Finding the Right Balance Between Modernization and Security

paul.parker over 5 years ago 3 minute read time

By Paul Parker, SolarWinds Federal & National Government Chief Technologist

With 2018 two-thirds over, federal agencies should be well into checking off the various cloud migration activities outlined in the American Technology Council’s Federal IT Modernization Report. Low-risk cloud migration projects were given clearance to commence as of April 1, and security measures and risk assessments will take place throughout the rest of the year.

Agencies must remain aggressive with their cloud migration efforts yet continue to enforce and report on security measures while undergoing a significant transition. Adopting a pair of policies that take traditional monitoring a step further can help them continue operating efficiently.

Deep Cloud Monitoring

As our recent SolarWinds IT Trends survey indicates, hybrid IT and multicloud environments are becoming increasingly prevalent. Agencies are keeping some infrastructure and applications onsite while turning to different cloud providers for other types of workloads. This trend will likely continue as agencies modernize their IT systems and become more dependent on federally specific implementations of commercial cloud technologies, as called for in the ATC report.

A multicloud and hybrid IT approach can create challenges. For example, “blind spots” can creep in as data passes back and forth between environments, making it difficult for federal IT professionals to keep track of data in these hybrid environments. In addition, trying to manage all the data while ensuring adequate controls are in place as it moves between cloud providers and agencies can be an enormously complex and challenging operation. It can be difficult to detect anomalies or flag potential problems.

To address these challenges, administrators should consider investing in platforms and strategies that provide deep network monitoring across both on-premise and cloud environments. They should have the same level of awareness and visibility into data that resides on AWS or Microsoft servers as they would on their own in-house network.

Deep Email Monitoring

In addition to focusing on overall network modernization, the ATC report specifically calls out the need for shared services. In particular, the report cites moving toward cloud-based email and collaboration tools as agencies attempt to replace duplicative legacy IT systems.

The Air Force is leading the charge here with its transition to Microsoft Office 365, but there are inherent dangers in even a seemingly simple migration to cloud email. Witness the damage done by recent Gmail, Yahoo!, and Office 365 email outages, which caused hours of lost productivity and potentially cost organizations hundreds of millions of dollars. Lost email can also result in missed communications, which can be especially worrisome if those messages contain mission-critical and time-sensitive information.

Agencies should consider implementing procedures that allow their teams to monitor email paths, system state, and availability just as closely as they would any other applications operating in hybrid IT environments. Emails take different paths as they move between source and destination. Managers should closely monitor those to help ensure that the information moves between hosted providers and on-premise networks without fail. This practice can help IT professionals better understand and monitor email service quality and performance to help ensure continuous uptime.

The fact that there is now a clear and direct map to modern, agile, and efficient infrastructures does not necessarily make the journey any easier. Thorough strategies aimed at cloud and application or service (like email) monitoring can help agencies navigate potential hazards and help ensure seamless and safe modernization of federal information systems.

Find the full article on GCN.

The SolarWinds trademarks, service marks, and logos are the exclusive property of SolarWinds Worldwide, LLC or its affiliates. All other trademarks are the property of their respective owners.

Top Comments

rschroeder over 5 years ago +2

Call me a Luddite, but life was better, work was more productive, customer and employee satisfaction was greater--before we moved to O365 in the cloud. A couple of weeks ago our ISP/WAN provider had a…
bobmarley over 5 years ago +1

" They should have the same level of awareness and visibility into data that resides on AWS or Microsoft servers as they would on their own in-house network. " How do you get this from your cloud provider…
smttysmth02gt over 5 years ago +1

Nice write up....however..........Idk that everyone would agree with this: " The fact that there is now a clear and direct map to modern, agile, and efficient infrastructures...".

tallyrich over 4 years ago

You repeat the word "deep" and I think that is with good reason. Monitoring has become more critical than ever in that we need to see beyond the obvious. It used to be enough to know that we could get email from one person to another, now we have to be concerned with the time it takes - and more importantly, the integrity of said email.
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel
fmasotti over 4 years ago

working in the cloud is very useful but when you have electrical problem or network problem you are cut out of the world and you can't even work with office if you have paid only for the cloud solution without a local installation. I agree that working in cloud is more complex than in a local enviroment (i think about ad, development servers,and so on)
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel
df112 over 5 years ago

Dang. Hadn't seen that one yet. Thanks for posting.
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel
robertkcampbell over 5 years ago

Thanks for posting this!
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel
bobmarley over 5 years ago

There have been several regional outages recently. Some simply due to human error. Kind of scary.
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel