Cloud procurement guidance

Cloud provider's approach to pricing is to provide transparent and publicly available pricing to all our customers. Unlike legacy IT, cloud customers:

• use a pay-as-you-go model with on-demand, utility-like pricing
• have no upfront costs
• are not required to make a long-term financial commitment

While the aim of the NHS organisations and health and social care organisations is to procure directly from cloud service providers the NHS and health and social care current funding model, which is capital heavy, can cause complexities when trying to fund revenue-based services. NHS England as part of a collective group that includes Crown Commercial services and HM Treasury which are currently looking at future funding and where this needs to be able to address to fully allow a sustainable UK Public Cloud first approach.

While future funding of cloud is being assessed centrally by the UK government we are advising Health and Social care organisations whose budgets are mostly capital based to use cloud brokerage services to allow accelerated adoption of public cloud services. While organisations that have mostly revenue budgets go directly to cloud service providers unless managed cloud service support is required which a cloud broker will also be advised.

Research by Gartner states, "Cloud services can initially be more expensive than running on-premises data centres. However, cloud services can become cost-effective over time if organisations learn to use and operate them more efficiently. The statement is backed by an example of workload migration for 2,500 virtual machines from an on-premises data centre to a Public Cloud Service." This reduction in cost over time is mainly dependent on managing cloud costs.

Moving to the cloud is one thing, managing it is a whole other feat. If not done properly, costs can become lofty and waste can run rampant.

Reserving capacity, which enables companies to reserve compute capacity for any duration of time is one way to reduce cloud cost because discounts are available for reserving a block of resources for a specific time in a particular location. You need to pay for the reserved amount whether you use it or not. If you go over your reserved amount, you pay the higher on-demand rate, so unless you have a good handle on your resource needs, reserving can lead to costly mistakes.

Another way to receive a surprise bill at the end of the month is by not releasing a cluster's resources. If you don't release the resources after completing a job, you continue to pay for them. This situation can be especially costly if the cluster is left running overnight or on the weekend.

In addition, applications may be given the ability to provision resources automatically, yet another way costs can rise. A defect may cause an application to grow its resource footprint without having a need to do so. If privileges are set too high, the cost escalates quickly.

Also, note that these errors are not mutually exclusive and can happen multiple times across the system, all adding costs that may be currently hidden on on-premise hosting.

The key to controlling cloud waste, which will cut costs, is detecting it and notifying someone to take appropriate actions.

The first step in this process begins with applying tags to resources or instances. Tags are a label assigned to cloud resources/instances, which consists of two parts: a key and a value. There are various reasons to use tagging, but the most significant is for greater visibility and organisation across a company.

Structuring tags facilitates taking the actions that an organisation needs to control cloud costs. Because of the dynamic and complex nature of the cloud environment, maintaining tags without rules-based automation requires full-time trained personnel. Yet again, this adds to cloud costs and often results in manual errors.

Once you have an automated tag environment in place, you can use it for monitoring, forecasting, and use allocation. Providing well-structured analytics to the people who can act on them is critical to any cost-management function.

Data organisation is also essential. A necessary analytics feature makes it easier to drill down and diagnose causes for the excess cost. More beneficial is the use of artificial intelligence (AI) and machine learning (ML) applied to the data to make recommendations based on cost rules and use data. Due to the complexity of cost rules, using an automated recommendation system helps managers reduce costs.

Detecting anomalies is another key to controlling cost. Costs add up in real-time, so real-time monitoring and anomaly detection are necessary. The cloud activity monitored in real-time can detect anomalies and route them to a person for action.

Managing the cloud requires a new operations model to monitor and control costs. The model must be nimbler and more responsive to change. Cost allocation and routing the information to people responsible for controlling cloud costs on a timely basis is critical. Managing this complex dynamic environment can be challenging but with a set of best practices in mind, the cloud can boost production.

Some Cloud providers are geared towards the provision of applications that will run perpetually in their environment. These tend to be server instances billed daily that can be turned on and off at will. Auto expansion and contraction (of computing resources) may not be part of the service. Other providers price the use of their environment at competitive rates for short-term use or bursts, but then don’t seem to be priced competitively for perpetually needed applications. Determine your needs carefully, whether the cloud will be somewhere to which you can send excess load or if you are putting the responsibility of certain applications entirely outside your own data centre.

Look for a provider that has an easy-to-understand pricing model and examine where the monthly costs can be easily predicted. Many will provide the ability to assign cost codes to internally bill departments within your firm. Ideally, your billing will be done per cloud instance per day or even hourly if available.

It's a good idea to have a thorough understanding of the scope of services being purchased. Many times the cloud is an infrastructure management-only service. If you are looking for management of the Operating System and application, this may not be available at all or will come at an additional cost.

Another element to investigate is the timing of instances. You probably want them provided quickly (less than 1 hour) and in an automated fashion. This is certainly in your interest because you can never tell when a project needs an additional server or if late-night testing of an app is required.

Also, you should avoid signing long-term agreements unless there is a large cost saving. This allows you flexibility. Since cloud services use pooled resources, the provider cannot claim to have invested significantly in your specific deployment unless you have dedicated equipment allocated to you.

Capital Expenditures (CapEx)

Firstly, Capital Expenditures, what we generally refer to as CapEx, are the spending's your business put towards fixed assets. Such assets can include the purchase and maintenance of buildings, vehicles or computer equipment. These are major spending's, often a one-time purchase, and they are intended to benefit your business for a longer period of time. The procurement cost shows up on your balance sheet, and the cost is then depreciated over several years.

Revenue Expenses (OpEx)

We also have Revenue Expenses, or also known as OpEx, which can be described as the funds an organisation uses to run its day-to-day business. Such expenses can include the subscription fee for cloud services, website hosting, or web domain registrations. OpEx cover the expenses on pay-as-you-go items, and they are deducted for your business’ income as they occur.

Most UK businesses usually prefer OpEx to CapEx. This is because buying equipment is considered CapEx, so not all of the expenses paid upfront can be deducted. As the amount paid to a vendor for leasing is considered OpEx, it’s incurred as part of the daily business operations, and you can therefore deduct the cash that you spent that year. Deducting expenses reduces income tax, which is levied on net income. However, if your business wants to boost its earnings and book value, you might want to make a capital expense and only deduct a small portion of it as an expense.

This will lead to a higher value of assets on your balance sheet, as well as a higher net income that you can report back to your investors.

Understanding capital and revenue is instrumental in recognising what types of cloud service you need for your business.

Direct public cloud procurement

One of the most popular cloud options on the market is procuring directly from a public cloud service provider.

The cloud service provider is the one making the Capital Expenditure. Your organisation as their customer invests in a pay-as-you-go model using Revenue. This means that your data will be stored with the data of many other businesses, and all maintenance and upgrades will be performed by your provider.

Public Cloud Brokerage procurement

Acquiring a Public Cloud Broker, on the other hand, will involve your in-house IT team investing in a Capital Expenditure solution via a Cloud Broker, and then offering the resources in a Revenue model to various users or departments within the business.

Gartner defines cloud services brokerage or CSB as an, “IT role and business model in which a company or other entity adds value to one or more (public or private) cloud services on behalf of one or more consumers of that service via three primary roles including aggregation, integration, and customisation brokerage.” In this way, a cloud broker acts as the middle layer or intermediary between the purchaser of a cloud computing service and the sellers of said service.

There are three types of cloud brokers:

Cloud Aggregator

An aggregator is a broker that packages and integrates multiple service catalogues into a single user interface. The organisation then selects as many or as few services that fit their specific business needs but will only pay a single bill to the broker. The cloud aggregator model is generally seen as a more cost-effective and efficient approach for the NHS Organisations as compared to purchasing each service individually. As part of their function as resellers, aggregators play a critical role in managing cloud provider relationships and services. The broker may also offer additional services on top of the cloud including security and governance. One of the main goals of the aggregator is to curate an actual catalogue of services, providing a single pane of glass to all business and IT services, empowering agility and portability while saving time and money.

Cloud Integrators

Integrators add value by automating workflows across hybrid environments through a single orchestration to improve performance and reduce business risk. Once migration is complete, the integrator can continue to provide support to the organisation on an ongoing basis as needed.

Cloud Customisers

As the name suggests, customisation involves modifying existing cloud services to meet business needs. In some cases, the broker may even develop additional features to run in the cloud as required by the organisation. This function is critical to building a fully configured cloud with improved visibility, compliance, and integration of key IT processes.

Cloud service brokers provide solutions that turn IT into a growth accelerator for end customers. Additional benefits of cloud services brokerage include:

Providing expertise

Cloud Service Brokers (CSB) serve to reduce the barriers to adopting, managing, and customising services in the cloud because they fill in gaps in knowledge and skills. Brokers are often hired to evaluate services from different vendors and provide the customer with information about how to use cloud services to power digital innovation. Once the research is complete, the broker presents the customer with a list of recommended vendors along with a comparison of service features, cost breakdowns, SLAs, and other criteria. In this way, the broker’s tool kit and expertise fosters objective, accurate, and informed decision making.

Negotiating on behalf of the customer

Cloud brokers may sometimes be given the right to negotiate contracts with cloud service providers on behalf of the client. In such cases, the broker is given the authority to contract services across several vendors which can be an excellent strategy to keep costs low. In addition, CSBs typically have pre-existing relationships with a number of vendors, and in some cases even have predetermined contracts, which helps to speed up the vendor acquisition process. This benefit is usually most common in the case of cloud aggregators.

Simplifying operations

Cloud Service Brokers can help eliminate redundancies, optimise resource utilisation, allow the IT organisation to gain control of cloud consumption costs. Furthermore, having a real-time unified view of on-premise and public cloud resources, also helps the organisation to cut down on errors relating to managing multiple cloud platforms across the organisation.

Reining in “Shadow IT”

Approximately 40% of all IT spending at a company occurs without the knowledge or approval of the IT department. However, since cloud service brokers provide a unified approach to IT cloud service purchasing, they can help to align elements of business with IT capabilities and improve the responsiveness of IT to the operational demands of the organisation. IT can then transition from providing reactive support to delivering proactive solutions.

Reducing risk

Cloud Service Brokers can reduce the risk of migrating security services to the cloud by vetting vendors to ensure they meet robust security standards. This is especially critical in highly regulated industries such as healthcare and financial services where data protection is paramount. Here, the broker automates cloud governance and compliance along with a single view to manage risk across the enterprise environment.

Overall, CSBs enable the secure migration of data, apps, and infrastructure components between public cloud providers.

A trusted cloud services broker should enable you to govern your cloud without disrupting innovation by:

• streamlining tracking of changes and configurations through integration with your service management processes
• providing users with upfront visibility into the cost of their cloud service choices
• reporting on usage and then managing the budget
• monitoring performance of cloud services to prevent downtime
• separating departments or users with fine-grained multi-tenancy and role-based access control

As your organisation gets ready for the adoption of public cloud, there’s no better time to leverage the benefits of cloud service brokerage to remove complexity, boost productivity, and reduce the risk of shadow IT. These enhanced business outcomes will allow your organisation to keep pace with the demands of rapidly changing business requirements and ensure agile delivery of innovative services.

Cloud service brokers are positioned to help IT achieve the full benefits of multi-cloud ecosystems via industry-leading, vendor agnostic solutions for these required capabilities by:

• customising cloud services to meet business needs
• managing a variety of platforms via a single point of contact
• enabling high-precision analysis across different applications
• uniting cloud and enterprise management tools and processes

The NHS and UK Government have a framework already in place to allow a simplified procurement of public cloud services and also get the best value out of the agreement.

This agreement has been designed to work alongside G-Cloud 12 and all future iterations of G-Cloud agreements. It will run from 4 July 2021 for two years and will end in 2023. You will then have the option to include 2 extensions of up to 1 year each.

This agreement is available to the whole public sector but is mainly for customers who prefer to contract with Cloud Service Providers directly. By using this agreement you will have the opportunity to access:

• competitive value for money
• a robust set of terms and conditions that meets central government commercial policy objectives

This agreement comprises of 1 Lot with 9 Suppliers within this agreement including the major Cloud Service Providers.

More information about this Framework is available. 

NHS Shared Business Services have published the Cloud Solutions Framework. The framework provides access to 24 carefully selected suppliers and offers bespoke and off-the-shelf solutions from cloud solution design and as-is assessment to end-to-end cloud solutions.

• Lot 1 solution design and consultancy: Includes initial support ahead of Cloud adoption/implementation, analysis/mapping of 'as is' situation, cloud readiness assessments, architecture design, migration planning and more.
• Lot 2 infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS) Includes public cloud and/or private and hybrid cloud hosting, processing, storage, networks, applications running on a cloud infrastructure and more.
• Lot 3 Cloud support services: Includes real time support, access to professional expertise plus a wide range of ongoing or ad hoc specialist support services.
• Lot 4 End-to-end cloud solutions: All of the above under one Lot for a complete end to end solution.

More information about this Framework is available. 

UK Crown Commercial Services (CSS) worked with NHS Digital to create this agreement, to support public health and other care organisations with providing digital outcomes and services. 

Customers using this agreement will be able to access:

• an agile approach to development services for new digital solutions including on cloud
• support with existing products and services
• data management services (for the collection, processing and distribution of health data)

This framework is made up of a single Lot, and the agreement provides services in the following 5 areas: 

• development and operations (DevOps) – for ongoing minor improvements of live services
• digital definition services – creating and progressing the project through discovery and alpha phases
• build and transition services – building the services using beta and live phases
• end-to-end development services – designing and developing the services from discovery to live phases 
• data management (and similar) services – for performing data collection, data processing and analysis and management of data and services

More information about this Framework is available.