Scalable Cloud Strategies: Values for Higher Education

A Q&A with Chris Wessells

group of college students looking at large screen of data visualizations

Scalable cloud strategies can support a wide array of services, applications, and capabilities of great value to higher education. Unisys Higher Education Strategist Christopher Wessells, formerly vice provost and CIO at the University of San Diego, has consulted for several institutions on their cloud transformations. His insights range from data integration in cloud environments, to transformative cloud security, to cloud-based education innovation, to cloud infrastructure and strategies for future readiness. Here, Wessells examines some of the values scalable cloud strategies offer institutions.

Mary Grush: What's a sure sign that an institution should consider moving its business and/or learning systems to the cloud?

Chris Wessells: On a fundamental level, any institution that is still running enterprise applications, such as ERP systems or learning management systems in an on-campus data center needs to consider a more modern, security-centric, and cloud-enabled infrastructure. In my work with universities and colleges, it's become clear to me that a transition of the core enterprise systems to SaaS or to the leading public cloud environments offers much greater capabilities for driving improved services to students, faculty, staff, institutional leaders, and alumni.

Grush: What's a simple example of that, of beginning to leverage cloud capabilities for such big gains?

Wessells: There are several examples. One basic but powerful example would be the capability to establish an elastic compute environment around registration processes. That in and of itself becomes an automated process in the cloud. It's more productive than maintaining a capital infrastructure in a data center and scaling up and down for that… creating possible infrastructure over-provisioning, which you don't need to do. That's a perfect example of a cloud strategy that can benefit any institution. And the ROI will be easy to quantify.

Even if the institution only "lifts and shifts," leveraging the capabilities of a modern public cloud provider to deal with the elastic nature of workloads is a significant step forward.

Even if the institution only "lifts and shifts," leveraging the capabilities of a modern public cloud provider to deal with the elastic nature of workloads is a significant step forward.

Grush: So, even an institution just starting its cloud journey could soon begin to discover the wider values of scalable cloud services. And there are many — could we talk a bit about some of them?

Wessells: Sure! When you couple your initial cloud experience with things like data integration capabilities and data virtualization, you can save a tremendous amount of cost simply given the nature of the cloud. For example, one of the steps the California State University made to become "cloud-ready" was implementing Perforce-Delphix data virtualization, applied to 4 million-plus PeopleSoft records. That effort resulted in an improved security posture and data agility, and it rendered millions of dollars in cost savings in terms of storage for the CSU system. It helped create the foundation for the CSU's move to the cloud.

Grush: I'd like to hear an example of integration at scale. Could you tell me a little more about the CSUs? That huge system must be the best example of a cloud strategy at scale.

Wessells: That story really begins way back in the early 2000s, when the CSU made a bold decision to invest in PeopleSoft for all 23 universities in the system. Yet after two decades of using PeopleSoft, the demand to modernize the capabilities of the SIS, HR, Financials, and associated applications was only possible through a cloud-and-security transformation.

The CSU system made a key decision to standardize on the cloud-based Boomi integration platform that has allowed the CSU institutions and Chancellor's Office to integrate many key enterprise applications and automate hundreds of processes that have a positive impact on the student experience — accelerating things like financial aid applications and the ability to transfer and move among institutions.

The cloud-and-security enhancements, added in 2024, have only taken all development, test, and production instances of PeopleSoft to much greater levels. Today, the CSU Oracle-PeopleSoft implementation is one of the largest in the world. Engaging with Unisys, the university moved it from a hybrid data center at Equinix to the AWS cloud. As a result, the CSUs have not only improved applications dramatically, but have also created scores of new capabilities that are included in the rich array of cloud services offed in AWS.

Grush: How does Unisys approach the challenge of improving cloud services to a large higher education system like the CSU?

Wessells: Our approach at Unisys is data-driven, security-centric, and cloud-enabled. Our work with the CSU IT teams has demonstrated that modern cloud infrastructure from AWS serves as a catalyst for improved IT services and enhanced security, and it provides a much more agile IT environment to improve services to the CSU community.

Our approach at Unisys is data-driven, security-centric, and cloud-enabled.

Amazon coupled with the use of Boomi's master data hub and integration solutions is a game changer in terms of service enhancements to students — including financial aid applications, transfers, enrollment services, degree planning, alumni relations, and so on. Beyond enhanced services, cloud modernization is a stimulus for much greater analytics capabilities with solutions like Snowflake Data Analytics, or Amazon Quicksight Q.

Beyond enhanced services, cloud modernization is a stimulus for much greater analytics capabilities.

Grush: So that is a very highly scaled integration. I'm hearing that you are moderating a session about it at EDUCAUSE this month…

Wessells: Yes. This is a wonderful success story in terms of cloud-and-security transformation and integration at scale for the CSU system. It's designed so attendees will hear the story directly from CSU executive IT leaders, in their own words. And they'll speak about additional major advancements that have been possible because of the AWS cloud transformation — security solutions, data virtualization, and how several cloud implementations have resulted in a very mature, sophisticated cloud infrastructure that serves the students, faculty, and staff extremely well. It's an exciting story that the CSU leaders have to share with their peers.

Grush: Can you tell me a little more about transformative cloud security? How can a large multi-campus system like the CSU avoid the catastrophe of an attack that could spread through the system?

Wessells: There are several important security enhancements. One of the major things that the AWS cloud facilitated for the CSU system is cloud network microsegmentation. It allows for the isolation of the campus ERP, the production systems for all 23 campuses.

Previously, before its ERP systems were migrated to AWS, there was considerable risk that a ransomware event at one of the CSU campuses could easily spread throughout the 23 universities in the system.

With the AWS cloud network microsegmentation, it isolates those production instances of the compromised institution such that none of the other university campuses, none of the other institutions in the CSU system would be impacted. Period. So that's a massive step forward. Furthermore, the Delphix cloud data vault would allow that compromised institution to recover rapidly using an immutable, "air-gapped" copy of their production data.

It's an example of one of the cloud networking security features that is unique to the cloud. Another is establishing cloud firewalls, which requires the review and cleanup of hundreds of firewall policies and rules that must be evaluated at the campus level.

There were several other major security enhancements accomplished in the CSU-Unisys cloud transformation partnership: A SIEM platform from Securonix was implemented, along with a public key infrastructure and certificate management system. The Delphix Data Vault, plus a privileged account management system, a cloud infrastructure entitlement management system, and an endpoint detection and response system were all key systemwide cloud initiatives that have taken the CSU's security posture and risk management to a highly mature level.

That's all I'll say for now about security transformation, but those are just a few examples of the security improvements possible in a cloud-based environment.

Grush: Thanks! Transformative cloud security is a huge area, and it's hard to choose what to mention in a limited space.

Another such area is cloud-based teaching and learning innovation. What can you tell me about that?

Wessells: I would say that if there's data that is accessible, harmonized across systems, and secure, and there's modern integration in place, it sets up an institution for the future with AI-enabled teaching and learning applications… because AI depends on high-quality data.

If there's data that is accessible, harmonized across systems, and secure, and there's modern integration in place, it sets up an institution for the future with AI-enabled teaching and learning applications.

I think institutions that are seeing AI innovations in teaching and learning are those that have invested in ensuring that their data is in a good state within the cloud. It's protected. It's cleansed. It's harmonized across systems with a master data hub. These institutions are in a much better state for taking on all of the unknowns and exciting new possibilities with artificial intelligence.

Success in teaching and learning innovations with AI is highly dependent upon, again, high-quality data that the academic community has vetted and approved. Inclusion of human-in-the-loop features and responsible AI capabilities to minimize bias and AI hallucinations is critically important.

Native cloud and AI services appear to be a critical foundation for making serious advancements in the nascent world of teaching and leaning with artificial intelligence. Unisys is working closely with the CSU Chancellor's Office, CSU Fullerton, CSU Channel Islands, and CSU Northridge on a groundbreaking GenAI solution to enhance teaching and learning. We look forward to unveiling it in 2025.

Grush: And I'm looking forward to hearing more about that!

But now, what about the research cloud? What's going on there?

Wessells: As you know, the offerings from Google, AWS, and Azure for on-demand HPC and research storage are only getting better. Additionally, resources like NSF's Jetstream2 are bringing free or affordable high-end compute resources to researchers who might not have access otherwise.

The offerings from Google, AWS, and Azure for on-demand HPC and research storage are only getting better.

My sense is that the HPC space is going to expand for a lot of research opportunities on campuses. There are situations in which faculty need HPC clusters for certain types of research in solving very complex problems. Yet some research problems may be more ideally suited to a cloud-based research or storage solution that can be easily provisioned and scaled back through cloud services — it strikes me that research on demand will be gaining even more traction with researchers.

So, for example, in space science research, or physics, or astrophysics, if researchers are studying very complex problems with massive amounts of data and are analyzing something, it will probably require a supercomputer, right? But the psychologist who has two terabytes of brain mapping data and is trying to analyze something related to, let's say, a cognitive disorder… Maybe that can be optimally run in a much less expensive way with research computing on demand from one of the public cloud providers. I think there is absolutely a case to be made for that.

Every discipline, every faculty member, every postdoc doesn't need a supercomputer to resolve challenging questions. This is a huge market for AWS, Microsoft, and Google. And there's clearly a lot of competition among those three providers to make sure researchers are aware of new opportunities in their cloud environments. And I think this is really important and it's only going to help advance research collaborations and human knowledge.

Grush: Now I'd like to talk about smaller institutions. We hear about data integration and cloud strategies at very large institutions… and the story of the CSUs is amazing. But what would the values of scalable cloud strategies be at a smaller institution?

Wessells: I think that smaller institutions can absolutely benefit from a cloud strategy for reducing technical debt from their data centers. Diminishing the scope of capital investment in data centers is going to be critically important, especially for smaller institutions struggling to contain costs and attract new students.

Diminishing the scope of capital investment in data centers is going to be critically important, especially for smaller institutions struggling to contain costs and attract new students.

There are so many small liberal arts institutions that are trying to provide superb services to their students; IT services, both academic and administrative services. Rather than making recurring capital investments in data centers, they should absolutely consider making a shift to the cloud, to be much more nimble. Additionally, building in financial guardrails to optimize cloud spend with a modern FinOps solution is essential. And at smaller institutions, if you can't afford the IT staffing, you could find a trusted service provider that helps you in managing those environments.

I really worry about the smaller institutions, particularly the small liberal arts institutions that have made this country so special — schools where you can get a rich and well-rounded education. Yet the cost of IT and delivering core academic education and all the associated services to the students is very expensive. Trying to find ways to contain those costs is going to be critical. The way I see doing that at this point is to get that data center diminished in size and scale, and shift to a very well-managed cloud solution that leverages FinOps and cloud operations so that they are super-efficient with the resources in the cloud. That's it. Otherwise, we're going to see some institutions close.

Grush: But with just the fact that they may look at a scalable cloud strategy — wouldn't that help because they may have the option to grow more slowly or quickly?

Wessells: Yes, certainly the ability to take advantage of elasticity and scale for compute and storage and things like that in the cloud is much more responsive than going out to buy storage and compute resources, and dropping those into the data center, locking in capital debt and losing the ability to scale quickly.

An institution may choose one of our public cloud providers — Google, AWS, Azure — for appropriately scaled services. If the institution does not have the IT staff to do it, I strongly suggest the use of a managed service provider to do the managed services to make that transition. Peer institutions may be ready to share their experiences, as well.

Regardless of the size of your university or college, it's always prudent to plan carefully to execute a cloud transformation with the goal of achieving the rich benefits of scalable cloud services.

[Editor's note: Image created with AI — Microsoft Image Creator by Designer.]

Featured

  • a glowing gaming controller, a digital tree structure, and an open book

    Report: Use of Game Engines Expands Beyond Gaming

    Game development technology is increasingly being utilized beyond its traditional gaming roots, according to the recently released annual "State of Game Development" report from development and DevOps solutions provider Perforce Software.

  • abstract representation of equity at the core of AI

    Why Equity Must Be a Core Part of the Conversation About AI

    AI is an immensely powerful tool that can provide customized support for students with diverse learning needs, tailoring educational experiences to meet student’s individual needs more effectively. However, significant disparities in AI access and digital literacy skills prevent many of these same students from fully leveraging its benefits.

  • Man wearing headset working on a computer

    Internet2: Network Routing Security and RPKI Adoption in Research and Education

    We ask James Deaton, vice president of network services, about Internet2's initiatives and leadership efforts to promote routing security and RPKI adoption in research and higher education networks.

  • network of transparent cloud icons, each containing a security symbol like a lock or shield

    Okta, OpenID Foundation Propose New Identity Security Standard

    Okta and the OpenID Foundation have announced the formation of the IPSIE Working Group — with the acronym standing for Interoperability Profiling for Secure Identity in the Enterprise — dedicated to a new identity security standard for Software-as-a-Service (SaaS) applications.