Maintaining an effective and secure on-premises IT infrastructure can be challenging for nonprofits. Data and mobility requirements can stress aging infrastructures. This strain can create difficulties for nonprofit IT leaders if they require additional resources to help expand their infrastructures to meet the emerging demands of end users.
At the same time, nonprofits are challenged to attract and retain qualified IT staff. Technologists with specialized experience in highdemand areas, such as networking, security and database administration, command high salaries in the private sector. The candidates most qualified for open positions often will not accept the salary and benefits offered by nonprofits. And as existing staff members develop highdemand skills, they often leave the nonprofit world for more lucrative positions in the private sector.
These budget and staffing challenges drive nonprofit IT leaders to consider new and innovative approaches to computing. Existing on-premises IT infrastructure may be unable to support the rise of new consumer- and dataoriented services. Yet, many nonprofit IT leaders don’t have the budgetary resources needed to expand the existing infrastructure to meet emerging data needs and to sustain the staff necessary to manage it. For these reasons, many nonprofit organizations are considering getting out of the data center business altogether. Cloud services represent a smart option to help achieve this goal.
The Solution: Cloud Computing
IT leaders in many types of organizations find themselves turning to the cloud. In a survey of CIOs, Gartner found that cloud services ranked third on a list of CIO investment priorities for 2015, with 32 percent of CIOs listing it as a priority. That marks a significant increase from the 27 percent of CIOs who prioritized cloud investments in 2014. CIOs are rapidly deciding to implement new services in the cloud and migrate legacy services to cloud environments.
Cloud-based solutions promise to help nonprofit organizations overcome the limitations of on-premises infrastructure by leveraging the economies of scale found in sharing infrastructure with many other customers. Cloud service providers operate massive data centers that serve millions of customers globally, and they can build and operate their systems at unprecedented scale. From turnkey Software as a Service (SaaS) solutions to the technology building blocks of Infrastructure as a Service (IaaS), cloud providers noticeably reduce the burden of IT on nonprofit organizations.
As organizations begin cloud migration, they typically find that SaaS solutions, as an alternative to enterprise software purchases, offer the greatest early value because of the ease of implementation and degree of cost savings. Email storage and Voice over IP (VoIP) telephony are popular IaaS solutions for the same reasons.
Both of these categories deliver mature technology solutions and offer nonprofit organizations a low-risk option to get comfortable with the cloud. Many nonprofits also give close consideration to the migration of their backup and disaster recovery operations to the cloud, which can deliver greater capabilities at a lower price point than can be provided with in-house solutions. Organizations also are exploring Desktop as a Service, a cloud offering that provides a virtual desktop environment with far fewer demands on IT infrastructure and staff. Other common migration targets include storage and web services.
Many nonprofit CIOs see the value of migrating to cloud services and want to embrace the change as quickly as their organizational culture and regulatory requirements allow.
The deployment of cloud-based solutions presents challenges for nonprofit organizations, the biggest of which include securing sensitive data and training IT staff.
For nonprofits, information security is critical. They handle a wide variety of sensitive information about volunteers and donors, such as Social Security numbers, donors’ credit card data and the personal or private information of nonprofit service recipients. As IT decision-makers consider deploying cloud-based solutions, they must ensure that they can maintain at least the same degree of security control in the cloud as they do in existing on-premises deployments. They also must make sure that the cloud providers they consider can meet the requirements of regulations, such as the Payment Card Industry Data Security Standard (PCI DSS) or the Health Insurance Portability and Accountability Act (HIPAA).
The Cloud Security Alliance has addressed cloud security concerns with the creation of the Security, Trust and Assurance Registry (STAR). This program certifies cloud service providers that successfully implement the controls detailed in CSA’s Cloud Controls Matrix (CCM). Many nonprofit organizations do not have the resources to conduct their own security assessments of cloud providers and find STAR a convenient shortcut to certifying solutions for their own use.
Another major obstacle facing nonprofit organizations turning to the cloud is a lack of experienced IT staff. Cloud technology is relatively new, and technologists with strong cloud backgrounds are in demand. Rather than hiring new staff, nonprofit IT leaders are relying on trusted partners to assist them with a cloud migration. With this approach, organizations can benefit from a partner’s experience, while internal IT staff hone the skills necessary to deploy and support cloud services as they continue to operate the legacy IT infrastructure.
For more information, download the white paper, "Transitioning Nonprofits to the Cloud."