Cloud-First Strategy

Steven Wong, Assistant director (IT Infrastructure)

Nowadays everyone of us likely is already using some kind of “cloud technology” in our daily life, e.g. Apple iCloud, Google Drive, Microsoft OneDrive, Dropbox, etc.  These are examples of the so-called Software-as-a-Service (SaaS) cloud applications which are hosted by a Cloud Service Provider (CSP).  Below are also some other common SaaS applications that you may be using in the University:
 

  • Microsoft Office 365 – a productivity suite with messaging and collaboration support
  • Canvas – learning management platform
  • Qualtrics – online survey platform
  • SAP SuccessFactors – staff performance & development review platform
  • ServiceNow – IT service management platform


Traditionally, all IT applications and services are hosted in our data centers.  In this “on-premises” approach, our IT staff are responsible for setting up and maintaining all IT component layers like network, server and storage hardware, virtualization environment, operating systems, and applications, etc.  With the emergence of public cloud technology, there are now three widely recognized Cloud Service Models:

 Source:  CloudOnMove

  • Software-as-a-Service (SaaS) – all mentioned IT components are managed by the CSP
  • Platform-as-a-Service (PaaS) – our IT staff only manage the application and data layers while the CSP manages the remaining underlying IT layers
  • Infrastructure-as-a-Service (IaaS) – the CSP just provides a virtualized environment with servers, storage and network, while our IT staff will be responsible for the operating system layer up to the application layer


In view that public cloud offerings are getting more mature, secure and affordable, ITSC is now adopting a “Cloud-First” strategy whereby for any new IT undertakings, we will first consider the feasibility of leveraging cloud technology where possible so as to realize the associated cloud merits:

  • Shorter time for value-added services delivery
  • Faster pace of innovation
  • Economies of scale
  • Higher availability, scalability & agility
  • Streamlined operational support, e.g. save efforts in applying system updates or security patches
  • Facilitate disaster recovery (DR)

In essence our “Cloud First” approach (which is an emerging trend) means that we will stick to the following preference order for IT solution consideration:

SaaS  →  PaaS / IaaS  →  On-Premises

Note that our “Cloud First” strategy does NOT imply “Cloud Always”, as we need to consider how feasible and beneficial it is to move to cloud.  For instance, we need to assess whether unnecessary risks will be introduced; whether the benefits gained align to strategic business objectives; whether it fits our requirements or we can accommodate with the constraints; or whether it is cost-effective, etc.
 
A major goal of this “Cloud-First” initiative is to cultivate mindset for our IT staff to identify reasons for NOT utilizing cloud rather than why we should, and as we leverage more on cloud technology, we can transit to a more customer-focused service delivery model.

Current Cloud Initiatives

Such a cloud transformation journey takes time to evolve, and we have upcoming the following major cloud initiatives:

  • Fully Leverage Microsoft Office 365 Cloud Suite:
    • Migration of staff E-mail to Exchange Online (see the related Channel article):
      • saving on-premises operations resources/effort while delivering latest features & functionalities in a timely manner (Note: student E-mail already using Exchange Online since 2014.)
    • Adoption of OneDrive for Business as standard personal file store for University documents:
      • default 5TB online storage size, and upon request extendable to 25TB if reaching 90% usage
      • support a version history limit of 500
      • security enhancement like 2FA, ransomware protection, access audit, data labelling and DLP (data loss prevention)
    • Position SharePoint Online as departmental file repository:
      • rich accessibility, security and administrative control
      • now in pilot use with some administrative departments
    • Leverage Teams as a chat-based collaboration tool somewhat like enterprise WhatsApp
       
  • Deployment of Cloud DNS Service – leverage a high-availability cloud-based DNS service for Internet domain name resolution, providing faster name resolution response, with enhanced security protection from DDoS attacks (Distributed Denial of Service) and DNS hijacking
     
  • Disaster Recovery (DR) on Cloud – define a cloud-based DR approach and rework on-premises IT infrastructure services (DNS, AD/LDAP, authentication, endpoint backup, etc.) to be DR-compatible

Key Roles of Our Data Centers

You may wonder whether in the future we still need to keep our data centers with this “Cloud-First” approach.  The answer is a definite “yes” as our data centers still need to serve the following main purposes:

  • Network Center – serves as the core network hub for various network functions like providing campus wired and Wi-Fi access, wide area network (WAN) connection, IP PBX telephone services, etc.
  • Hosting Research IT Facilities – for providing HPC (High Performance Computing) service which is still much more cost-effective for on-premises implementation instead of hosting on cloud
  • Hosting Central Private Cloud – for hosting on-premises private cloud services before possible migration to public cloud
  • Hosting Non-Cloud-Ready Services – for hosting applications which are not yet cloud-ready or due to security/risk consideration, e.g. administrative applications like PeopleSoft
  • Hosting Departmental Servers/VMs – for consolidating and hosting departmental servers (or VMs) in a better managed data center environment, with more effective space utilization and sustainability benefits
prev
next