Case studies conducted by industry analyst Ovum into cloud computing implementations "illustrate that benefits were greater than expected, while risks and difficulties were lower than typically experienced by traditional ICT projects", says Ovum's Steve Hodgkinson.

Speaking to a Wellington breakfast seminar last week Hodgkinson related the positive experience of a number of Australian public-sector bodies with the cloud. It's time, he says, that we turn from talking theory and look at the practical lessons learned by some of the early adopters of cloud solutions.

There were passing references to NZ Post's use of Google applications. Hodgkinson describes NZ Post as "a leader in use of Google Apps at large scale".

Auckland University is another early Google Apps adopter worth examining, he says.

However, agencies that have made a success of cloud computing are still reluctant to talk on-the-record about what they have done in detail. This means it is difficult to use them as the basis of meaningful case-studies.

This leads to an unbalanced view of the cloud as "evil, immoral and dangerous"; something that offshores local jobs and is a risk to security and sovereignty, Hodgkinson says.

A lot of cloud developments still "have a kind of serendipitous feel to them", he says and this encourages a cautious view. A significant exception is the New South Wales Department of Trade and Investment.

"It has gone through a full-on public procurement tender process to select a software-as-a-service provider for an ERP application as the kernel of a new shared-services strategy," says Hodgkinson.

The department is implementing SAP Business by Design for finance, human resources and procurement across nine agencies. Implementation started in July, after a 13-week tender process and the applications are scheduled to go live in early January.

If that comes to pass as expected, it will be a striking contrast with the typical large-scale government-agency development and "a great example of a fundamental transformation in the whole approach to doing IT in government."

Frequently expressed fears of security shortcomings in cloud-computing use fail to make a realistic comparison with the security of in-house systems, says Hodgkinson. A certain constituency of developers with lucrative government clients are hoping for a major security failure involving the cloud to preserve their seat on the "gravy train", he suggests.

But the comparison of cloud and in-house services goes further than security, he says. It is reflected in general capability to develop well and speedily. In that respect, "my view is that there is an increasing gap between the capability of mature enterprise-grade cloud services and the capability of the average [government] agency -- because of the constraints under which agencies operate," he says.

"It's all about focus," Hodgkinson explains. "Cloud providers are free to choose what goes into their service catalogue"; they can concentrate on meeting selected needs that they know they can provide well.

"Agencies are in the business of providing any services government asks for.

"That's not to say all government services can be put into the cloud," he says. "They can't; but some can."

In expanding specialised in-house services to shared services, as many groups of government agencies are, they face the challenge of "re-engineering things that were never designed to be shared".

Outsourced cloud services, on the other hand are designed from the ground up to be shared."