How Red River is Accelerating the Public Sector's Cloud Transformation

Earlier this month, we sat down with Larry Bowles, chief of cloud platforms at Red River to discuss how Red River is helping the public sector accelerate their cloud transformation with multi- and hybrid-cloud solutions. Delivering cloud-agnostic solutions, Red River can help public sector organizations transition to the cloud no matter where they are in the transformation. Read the interview to learn more about how Larry and Red River are helping the public sector—and even learn about their five cloud superpowers! 

DLT: Welcome Larry. Tell us a little bit about yourself and the work you do at Red River.

LB: So a little bit about myself, I'm a Marine Corps infantry combat veteran and entered my career in Information Technology (IT) back in the early nineties with the likes of DOS and Banyan Vines. My role within Red River has been to create and execute our cloud platforms go-to-market strategy to support our customers across commercial, state and local governments, education and the federal government. This includes the continued growth of our partnerships with market-leading cloud service providers (CSP). The cloud platforms practice horizontally focuses on the successful delivery of our customer cloud projects. Although Red River provides more than just private cloud or private hosted cloud, my focus is with the hyper-scalers like Amazon Web Services, Microsoft Azure, Google Cloud Platform et cetera. 

I’m also a member of Red River’s Office of the Chief Technology Officer (OCTO) as one of seven technology innovation leaders. We focus on innovation for the company as well as look at emerging technologies and what the two to five-year investment plans for all technologies, including cloud, are going to be within the company. 

DLT: As public sector organizations continue their cloud transformation; how can multi-cloud solutions provide solutions to challenges like cloud “sprawl”?

LB: Over the last decade, I have been watching our various customer markets and tracked the trends as each one has its own technology transformations into the cloud. For the public sector, I see many organizations are still working through acquisition motions for how to successfully procure consumption-based information technology in the cloud. There are also a few forward-leaning, smaller organizations in the public sector space, that are already in the cloud and have gone past that acquisition model. These customers tend to be more focused on Infrastructure as a Service (IaaS) within the “Cloud Cake” model of IaaS, PaaS, SaaS. There is also one last smaller subset of customers who are testing the boundaries within cloud and leveraging cutting edge things inside of the cloud, like the Internet of Things (IoT), DevSecOps, machine learning, artificial intelligence, or blockchain. 

Every IT department has had to deal with some sort of “sprawl” as technology has continued to evolve over the past three decades. If you look back in the 2000s with the proliferation of servers and desktops all over the place, we saw that as computing got better and cheaper and faster, the price of those devices went down. We saw dense virtualization of servers and desktops become the normal and overcame virtualization sprawl to successfully manage an ever-growing number of virtual machines (VMs), sometimes cross hyper-visor. 

The latest type of sprawl we are combating is “cloud sprawl”. Now we're going back to centralized computing almost like the days of mainframe and dumb terminals, where we have low-end, low-cost devices that are accessing high powered network, storage, compute, application resources all living in the cloud. These services are designed to be secure, elastic and fault tolerant. 

We find customers at various stages of their cloud technology transformation. As some customers get further into their journey, they're realizing how “cloud sprawl” can easily occur. Whether it’s many account IDs or subscriptions from a single CSP or they are seeing where departments have deployed within multiple CSP environments. 

To solve this “cloud sprawl” problem, at Red River, we have been developing our solutions, frameworks and working with our go-to-market partners to provide a single pane of glass to manage “cloud sprawl” specific to our customers’ investments. 

For example, how do you control role-based access? How do you automate the provisioning and deployment of new features, functions, services across a myriad of cloud service providers to include on-premises, private cloud, or even a private cloud hosted in a co-location somewhere, either for disaster recovery or continuity of operations?

We are starting to see more customers are choosing the multi-cloud approach as they look at different CSPs, different features, functions, different price points and their internal requirements, driving them to have a multi-cloud architecture. Some are aware of the potential for vendor lock-in and are future-proofing their workloads as well as planning ahead to ensure their solutions will transcend beyond a single provider’s cloud. 

DLT: How can establishing governance models help organizations maximize their cloud success?

LB: In my experience, what we've seen is that some public sector organizations want to move to the cloud but don’t have the experience or knowledge with current staff to make the transition successfully. They have become great at managing their existing on-premises end-to-end-IT, but the pace of cloud is much faster than the traditional on-premises hardware procurement, software procurement, and lifecycle refresh timelines they have grown accustomed to. 

As we get into cloud governance, let’s use an example of how IT within an organization is organized today. When customers perform their IT operations or their IT futures roadmap, they usually have a networking team. They have a storage team. They have a server team. They might have a virtual server team. They'll have different application teams. Each team usually has different IT requirements/needs and often works independently of each other until a problem arises. As we deploy inside of the cloud, we have to break down the barriers on-premises, capacity-based models have instilled in IT. An example would be the storage team might have their own account ID/subscription within a CSP where they deploy resources to. An application team might have their own account ID/subscription with the same CSP where they deploy to. 

We see this often where different departments have their own accounts that aren’t tied together in a brokerage model with governance in mind. This could lead to security issues and data integrity challenges. We've seen a significant amount of cost runaway in a cloud service provider for some of our public sector customers because they don't take a governance approach to cloud computing thinking of the organization end-to-end in the cloud.

As organizations move to a CSP model, they’re going to want to set up those organizations and various subscriptions with controls that go all the way down to the individual resources deployed. This helps make sure there isn't cost runaway and security policies are in place for the entire organization as they start to take advantage of cloud computing.

DLT: What other challenges can public sector organizations expect when migrating to the cloud?

LB: In the public sector, when we talk about shifting to the cloud, we often talk about the capital expenditure (CAPEX) reduction that happens. The way budgets work in the public sector isn’t exactly about cost savings but more about cost reallocation. A reallocation of funds to bolster ingress and egress network connections, as well as devices, to give end-users the best computing experience as resources are moved to a CSP. It also allows for any other “savings” to be reallocated back to the mission of the organization whether isn’t supporting the warfighter or citizen services. 

The example I use all the time is, as a Marine Corps veteran, the Marine Corps was not founded to build and run data centers. It was founded to fight wars to protect our many freedoms and U.S. interests abroad. Due to the advancement of technology in support of Marines, we have seen increased budget needs for IT in the Marine Corps. One of the Marine Corps’ many mottos is “we do more with less”. Cloud computing supports this motto fully so Marines can get back to their mission and allow industry to securely provide cloud solutions reducing the cost of IT and reallocating the savings back to the mission from “fighting hole to flagpole”. 

At the end of the day, the leading CSPs often exceed the security requirements many public sector organizations require. The leading CSPs invest billions of dollars annually solely on security and maintaining these required government accreditations and certifications. As our public sector customers work on their cloud roadmap it is critical to keep cost reallocation top of mind to best serve their end customers/users. 

From an operational expenditure (OPEX), standpoint, moving to the cloud isn’t necessarily about staff reduction. It's not about getting rid of contractors or reducing human capital, though it can be if that’s what you want to do. It is about allowing your workforce to focus on innovation, mission-critical work and higher value tasks. Cloud computing gives your workforce career mobility to retool for the future and betterment of your organization’s capabilities. 

Many customers have “cloud first” policies and often start out with the traditional data center approach of Infrastructure as a Service (IaaS). We often call these lift and shift migrations. These migrations do help marginally reduce CAPEX but often have a variable OPEX increase to support the migrations. A sound approach is to have an experienced and certified cloud services partner help with a current environment assessment. These assessments help create a roadmap of which CSP is the right one, which features or services are best suited for your business requirements, security, which applications are cloud ready as well as which aren’t, and many other items to help organizations make the best decisions for their cloud transformation. There are many ways to get to cloud whether lift and shift, backups, disaster recovery, application refactoring – lift “tinker” shift, application re-platforming, drop and shop, born in the cloud application development, or a finished SaaS offering. 

One last point I want to make is that a lot of our public sector customers can stall their migrations to cloud waiting for that perfect 100% finished solution. These customers should assess the risks of waiting for the 100% solution versus if there's an 80% solution today, wouldn't it be better to move out on an 80% solution, knowing that 100% is coming?

Often, we see customers wait for the 100% finished solution, and when it finally becomes available, innovation has driven technology to the point where the 100% solution is no longer relevant. Don’t stall your cloud journey waiting for perfection. Find that 80% evolving solution that meets your needs. Accept the 20% risk and start moving out with a valid, vetted cloud services provider partner like Red River. 

DLT: In your opinion, what are Red River’s five cloud superpowers?

LB: The public sector customers we work with on their cloud migrations are within our five superpowers: Government Cloud, Networking, Storage, DevOps, and Migration. At Red River, we focus heavily on Government Cloud customer needs. Our public sector customers have varying compliance needs they must adhere to such as: FedRAMP, NIST, DFARS, ITAR, CJIIS, FISMA, CMMC and several more. Our second superpower is networking. This includes secure connections from on premises to CSP environments whether commercial or government clouds. This includes dark fiber or VPN gateways to ensure secure, redundant connections.  

Then we focus on storage. Whether it's disaster recovery and backups, which is how most people get into cloud—they start tiering their backups and reducing their CAPEX and OPEX for managing backups, restorations, primary storage, archiving, and putting this service into a CSP securely. We also do business continuity, disaster recovery planning, as well as execution and testing inside of that pillar as well.

Red River also specializes in DevOps, driving continuous integration and continuous deployment (CI/CD). We help customers identify and implement the appropriate tools for their cloud-based CI/CD pipeline to improve consistency, maximize efficiency, and reduce time to delivery of new or updated custom software. We also support the implementation of infrastructure as code where cloud resources are provisioned and configured consistently and sized appropriately across all environments in an automated fashion.

The last pillar that we focus on is the largest pillar of them all: migration. Migration can mean many things to many people, but often it means “lift and shift”, application development, application refactoring, or application re-platforming. 

Finally, we also help support drop and shops. If you have a legacy application that just doesn't have a good way to get the cloud we can work with our organization to find a cloud solution to replace it. 

DLT: Is there anything else you would like to share about Red River?

LB: To migrate those workloads offsite and into the cloud securely, we take an approach that we call APMM, which is Assess, Plan, Migrate and Manage. Throughout the APMM framework we overlay horizontals focused on solutioning, security, and application development. 

First – assessments. As I mentioned earlier, Red River provides end-to-end services. So, it's not just cloud service provider resell; we also perform consulting services for this process. We assess the environment leveraging tools, intellectual property we have created, experienced technologists, and highly certified individuals to inventory the entire environment which often exposes shadow it within an organization.

Post assessment, we start planning. We look at things like which cloud is the best fit with for. Which workloads are cloud ready? Which workloads are not cloud ready? What needs more focus and more planning? Then comes migration—whether it's application migration, data, virtual machines, VMware Cloud on AWS, those types of migrations. The last phase of the APMM delivery framework is manage, that's our managed service offerings. Red River has a US-based 24x7x365 managed services desk for level one, two, three, all the way back to the cloud service providers.

Red River doesn’t want our customers to go in with a half a plan and half a solution. We provide a clear roadmap for your cloud journey with the tools and steps to execute on it – whatever that may be.