You are here

Feature

Higher ed’s journey to the cloud

Easing concerns across campus about cloud migration
University Business, September 2018

For Gonzaga University, like many organizations, the move to the cloud was born out of need. One of this small institution’s claims to fame is its stellar men’s basketball team.

As the 2017 NCAA Tournament approached, Information Technology Services staff at the Washington university knew on-premise web servers couldn’t handle the upcoming traffic load, says Darren Owsley, chief technology officer.

The site had crashed during March Madness in 2016, and not wanting to experience a repeat performance, IT made what turned out to be a slam-dunk decision: Migrate a mobile-optimized website to Amazon Web Services (AWS), alleviating the load on campus servers hosting Gonzaga’s main website.

Good move. During the 2017 tournament, Gonzaga had over 1.4 million page views and 517,687 users visit its on-premise website—plus 643,494 page views and 440,191 visits to its mobile site on AWS. 


SIDEBAR: 3 cloud myths to dispel


The ability to scale up capacity gave officials assurance that the cloud will be the right fit when its ERP system reaches the end of its life this December.

IT also decided to use the cloud for disaster recovery and backup services, Owsley says.

These days, cloud computing is getting higher grades in higher ed. Yet a recent study found that campus IT decision-makers have lingering doubts about security, data migration and storage costs.


ONLINE EXCLUSIVE: Cloud providers on concerns of campus IT


The CITE Research study of 200 U.S.- and U.K-based education IT administrators also found that most colleges not yet using cloud computing for a majority of their work and apps intend to do so in the next year.

A stumbling block remains: the inability of cloud providers to meet regulatory compliance standards when research institutions apply for federal grants from the National Institute of Health or the Department of Defense, says Tom Dugas, director of information security at Duquesne University in Pittsburgh.

Putting research data in a multitenant environment wherein it may not have the adequate protection defined in the grant terms is another concern, says Dugas, also the past co-chair of the Educause Center for Analysis and Research’s Cloud Computing Working Group.


Got a tech story to tell? Present at UBTech 2019.


The cost of establishing a secure, high-performance cloud environment is very often immense and is almost prohibitive for smaller schools, he adds.

Regarding data migration, some institutions have to build a parallel computing infrastructure during the move, Dugas says.

“From our standpoint, the move to and return on investment for cloud ... has turned out to cost significantly more than keeping systems on-premise,’’ he says.

“We’re seeing 20 to 30 percent more [in costs] annually by being in the cloud. And ROI is taking up to seven years.”

That said, new features offered by cloud-based services are addressing higher ed concerns, and many once-tentative administrators are now migrating at full throttle.

“I certainly believe cloud vendors are listening to us,’’ says Dugas. “We have a seat at the table.”

Tipping point

Arkansas State University-Beebe administrators decided it was time for the cloud after learning in 2015 that the institution’s legacy OpenVMS operating system, which served up its ERP system, would reach end-of-life in 2020.

“That was the real tipping point for us and when we got serious about making a migration happen,’’ says Chris Lee, vice chancellor of Information Technology Services.

Beebe State had already moved to Office 365, yet, Lee says, some officials were reluctant, fearing a lack of control over the data.

Arkansas State has four campuses, and when a monthly user group of faculty, staff and IT began discussing the migration of more core systems to the cloud, the main worries were:

  • Where does data physically reside?
  • How can we access that data?
  • Who owns the data?

By talking through what it would mean to move systems to the cloud, Lee says, “that cultural mindset started to change. Cloud doesn’t mean you don’t own your data and won’t get access to it if a system goes down.”

The art of the possible becomes a reality

The University of Arizona spent a couple of years testing the waters in the cloud, beginning in 2014 with “lower-risk workloads,” says CTO Derek Masseth.

IT involved university officials “every step of the way with everything we learned—and things we knew were different, we were pretty candid about,’’ he says. This was particularly true for infrastructure as a service (IaaS), which includes outsourcing hardware, storage, servers, network components and physical data center space.

“When you talk about safeguarding data and the integrity of infrastructure, the responsibility to do that doesn’t change a whole lot,” Masseth says, so he made sure stakeholders knew that.

Because of the “shared responsibility matrix” that AWS provides, the IT team could assure colleagues across campus that the same people they have trusted for many years to keep institutional data private are still responsible for many aspects of securing it in the cloud.

Compared to the on-premise data center, maintaining information privacy would be easier with Amazon tools such as encryption for data at rest and in transit. Plus, physical data center management “is completely wiped off our responsibility list,” Masseth says, because public cloud providers can do a much better job of that than any institution.

Still, migration was a tough sell. “People were concerned—make no mistake about that,” Masseth says. But when they were presented with the facts in the Responsible Accountable Consulted and Informed diagram—which compares on-premise data infrastructure to the cloud’s—officials understood it was just an infrastructure change.

“It’s on technologists to demonstrate with confidence that all the same controls are still at our fingertips,” Masseth says. “But cloud brings tools to bear that we don’t have when we’re building infrastructure that supports applications in our own facility.”

Today, with 80 percent of Beebe State’s systems residing in IaaS, platform as a service and software as a service models, IT can provide better tech support. “That’s what we were most after: being more responsive to constituents.” Now, he says, IT can demonstrate “shocking numbers” in ROI by shifting from spending on hardware to instead purchasing cloud subscriptions.

Provider selection due diligence

Like Beebe State, Dominican University in Chicago used Office 365 as its proof of concept for migrating to the cloud, so users could have more email storage capacity, says Jill Albin-Hill, vice president for technology and operations.

She realized a subscription-based student information system meant not needing as many IT staffers to manage servers.

“Our environment was built for day-to-day needs, and we saw spikes in usage at registration time that we didn’t have capacity for,’’ she says.

“So we had a couple of years of painful registration when every student was clicking the ‘add class’ button and the system came to a crawl.”

Dominican could purchase more cloud capacity during registration periods and then bring it back down.

The university transitioned its SIS to the cloud in October 2017, and has had “two very smooth registrations” since, says Albin-Hill. Now, 75 percent of Dominican’s systems are cloud-based.

“Everything we were reading five years ago questioned the security and who owns your data, and how can you be sure of that,” Albin-Hill says. Those concerns have long since been alleviated by time, proofs of concept and technology improvements.

She has learned the importance of a well-vetted contract and ensuring that the provider adheres to it.

“Knowing those things upfront helps me feel good that we can deliver on the promise of security and redundancy,’’ she says, adding that having constant communication ensures her providers are doing their due diligence.

“We’ve really paid a lot of attention to security all along the way and felt confident in the choices we’ve made. In some cases, they’re better at securing our data than we were.”

Owsley of Gonzaga agrees. “I don’t think people should be scared. For us, it’s a benefit and probably more secure than what we can provide on campus. We can provision servers more quickly and do projects more efficiently.”


Esther Shein is a Massachusetts-based writer whose focus is on technology, business and education.