Without dispute, cloud computing ranks as one of the most significant technological developments in recent years. And like many major advancements, it comes with controversy and challenges. Still being disputed is the suitability of the cloud in compliance-centric industries. Many healthcare organizations still question whether the essential benefits of the cloud – elasticity and quicker deployments – are outweighed by the perceived risks related to security, compliance, and reliability. By Mika Javanainen, senior director of product management, M-Files Corporation
By Mika Javanainen, senior director of product management, M-Files Corporation
Without dispute, cloud computing ranks as one of the most significant technological developments in recent years. And like many major advancements, it comes with controversy and challenges. Still being disputed is the suitability of the cloud in compliance-centric industries. Many healthcare organizations still question whether the essential benefits of the cloud – elasticity and quicker deployments – are outweighed by the perceived risks related to security, compliance, and reliability.
Cloud computing is no longer new, and therefore many of the concerns and questions have been answered over the course of several years and numerous, varied cloud deployments. Furthermore, there are many more options for healthcare organizations today, and in particular, the popularity and prevalence of hybrid clouds have skyrocketed, which has given even the most security-conscious enterprises the confidence to initiate cloud projects.
Time for Healthcare Clouds – In Moderation
Considering the current state of the healthcare industry, there has never been a better time for an extremely elastic, flexible computing model. The recent systemic changes in healthcare have placed unprecedented stresses on technology infrastructures as well as the IT teams that deploy and manage them.
The cloud is continuing to gain broad market acceptance because of its ability to lighten the burden on existing infrastructures. Companies can leverage the cloud without large initial investments in hardware and licenses, and subsequently lower operating costs with the efficiencies of the cloud model for resource provisioning and sharing. The cloud drives up overall IT flexibility, and the simplified service delivery model results in quicker deployments and increased service levels.
The time is right and the benefits are clear, and hybrid deployment models have eliminated the last barriers to the cloud. Not surprisingly, increasing numbers of software vendors are developing on-premises and cloud offerings in parallel and are providing similar user experience and functionality in both cloud and on-premises deployments. Organizations can protect their investments in current IT infrastructure, keep sensitive information assets in-house, and simultaneously move some applications and content to the cloud. Without having to go “all in,” the hybrid approach becomes a viable option.
Are hybrid cloud strategies resonating with organizations and technology teams? Gartner conducted a survey, and asked enterprises if they would be pursuing a hybrid cloud strategy by 2015. They found exceptionally high interest in hybrid strategies – 70 percent of respondents said “Yes.”
Deployment Options – Hybrid Clouds and Hybrid IT
Two common models have emerged for hybrid deployments. Some organizations have built hybrid clouds comprised of private and public cloud resources. Others combine on-premises systems with a public or private cloud platform. The latter deployment model is often referred to as Hybrid IT and can be particularly appealing to healthcare organizations and any other environment where ensuring information security is paramount. This approach enables organizations to keep compliance-related information behind the firewall in their existing on-premises systems while leveraging cloud solutions for other business functions.
Organizations adopting hybrid cloud and Hybrid IT strategies should consider several factors – starting with security. IT must analyze the required levels of security and evaluate the options. Besides account access controls, data encryption must be evaluated especially for any information that will traverse the public Internet. End users may also demand a single sign-on capability that spans the hybrid infrastructure.
It is also important to analyze the content associated with the various systems. If some content is too confidential to be in the cloud, or the repositories are too difficult to move to the cloud, look for solutions that can help categorize data and efficiently manage it regardless of where it resides (on premises or in the cloud).
In a hybrid environment, an important consideration is whether on-demand computing resources can be integrated with the organization’s existing on-premises systems and/or private public cloud platforms and solutions. If integration is required, the number of vendors and solutions to evaluate is reduced since providing smooth integration between various systems requires well developed APIs and web services that not all systems provide.
Geography represents another important consideration. Cloud services can extend a healthcare organization’s infrastructure into other countries. Cloud providers should be evaluated in terms of the location of their servers and data centers. While most healthcare providers will choose to keep patient health information on premises, making sure that all data in the cloud can be kept within specified region, such as in the US or EU, to make sure that the system complies with the relevant laws and regulations.
IT Orchestrates Hybrid Deployments
Increased use of private and public clouds can reduce the infrastructure management burden on the in-house IT department. Many cloud providers have the resources and service delivery models to more efficiently scale and manage their services, and provisioning new services and computing resources becomes easier since IT does not have to purchase and configure new hardware.
IT teams must, however, consider how cloud platforms will change IT focus and processes. In a simple cloud model, the cloud service providers have direct relationships with the end users. In more complex situations, IT must serve as the intermediary between cloud providers and the end users and manage logins and integrations between the systems.
This in-between (or broker) role gives IT the maximum control over the evolving infrastructure, and also allows IT to introduce value-added services tailored to the organization. For example, if multiple cloud services are introduced, IT can aggregate, customize or integrate the services that are offered to the users. IT can also ease the end-users’ pain by providing the same identity service to all cloud services instead of users having to remember different logins and passwords for each service. This centralized identity management also improves data security and streamlines exit processes relating to any terminations of employment, for example.
Another critical role for IT is to manage all employee devices and apps that are used to access the cloud and on-premises systems. Making sure that lost or stolen devices do not compromise the data security should be high priority on any CIO’s agenda. As IT moves forward with a hybrid cloud strategy, they essentially evolve into a hybrid IT organization. While continuing to provide traditional IT services (in support of the existing in-house infrastructure), they also start acting as a cloud and IT services broker.
Getting Ready for Change
Many healthcare organizations have been understandably cautious about jumping into the cloud. However, the validation of the hybrid cloud deployment model is melting away the initial concerns. Private and public clouds are being deployed in greater numbers, and an increasing number of IT departments are keeping hybrid models in mind regardless of the current state of their infrastructures.
The benefits and flexibility of the hybrid cloud model are becoming increasingly enticing to today’s compliance-centric and resource-restricted enterprises. Committing to a hybrid deployment strategy offers healthcare organizations the promise of augmenting current capabilities and systems while enabling them to deploy and consume cloud-based resources at a pace that best suits their IT and business objectives.
About the author
Mika Javanainen is senior director of product management at M-Files Corporation. Javanainen is in charge of managing and developing M-Files product portfolio, roadmaps, and pricing globally. Prior to his executive roles, Javanainen worked as a Systems Specialist, where he integrated document management systems with ERP and CRM applications. A published author, Javanainen has an executive MBA in International Business and Marketing.