The Cloud Advantage: Powering Public Sector Resilience

Tyler Podcast Episode 117, Transcript

Our Tyler Technologies podcast explores a wide range of complex, timely, and important issues facing communities and the public sector. Expect approachable tech talk mixed with insights from subject matter experts and a bit of fun. Each episode highlights the people, places, and technology making a difference. Give the podcast a listen today and subscribe.

Show Notes:

In this episode of the Tyler Tech Podcast, we explore how cloud technology helps governments build greater resilience, maintain continuity, and adapt to evolving risks.

Russell Gainford, chief technology officer at Tyler, joins us to discuss how the cloud delivers the scalability, flexibility, and reliability agencies need to keep critical services running — even in the face of disruption. From cybersecurity threats to natural disasters and unexpected system demands, cloud-based infrastructure empowers governments to respond quickly and recover confidently.

Throughout the conversation, Russell shares insights on the limitations of traditional on-premises environments, the growing importance of proactive risk planning, and how cloud solutions help reduce technical debt while improving operational agility. He also offers best practices for building a roadmap to resilience, including how to prioritize critical systems, plan for dependencies, and make smart investments over time.

Tune in to learn how modern cloud strategies are helping government agencies strengthen resilience, improve service delivery, and prepare for the unexpected.

This episode also highlights Digital Access and Accessibility in the Resident Experience, a new white paper exploring how public sector organizations can remove barriers and create more inclusive digital services. As governments continue to expand digital offerings, ensuring a seamless, user-friendly experience is more important than ever.

• Download: Digital Access and Accessibility: Creating a Better Resident Experience

And learn more about the topics discussed in this episode with these resources:

• Download: Building a Resilient Government
• Download: A Digital Guide to Modernizing the Resident Experience
• Download: Cloud-Smart Strategies for IT Infrastructure Modernization
• Blog: How Cloud-Based Solutions Expand Access to State Services
• Blog: Using Cloud-Based Solutions to Improve Access in Counties
• Blog: The Cloud Experience: Improving Government Services
• Blog: Future-Proofing Government Through Technology Modernization
• Video: Tyler Talks: The Cloud is Now
• Video: 30 Years of Data Moved to Cloud in 5 Days
• Video: Increase Efficiency With the Cloud
• Podcast: Cloud Adoption and Understanding the Risks of Legacy Systems

Listen to other episodes of the podcast.

Let us know what you think about the Tyler Tech Podcast in this survey!

Transcript:

Russell Gainford: The capabilities of not just the resiliency within your application and service that you’re providing, but also the resiliency, being able to move between different geographic locations is tremendous.

Josh Henderson: From Tyler Technologies, this is the Tyler Tech Podcast, where we explore the trends, technologies and people shaping the public sector. I’m your host, Josh Henderson. Thanks for joining us. In this episode, I’m thrilled to once again be joined by Russell Gainford, Tyler’s chief technology officer, as we dive into the role of cloud technology in building government resilience.

We’ll explore how cloud delivers the scalability, flexibility, and always-on reliability governments need to keep critical services running strong. It’s another great conversation so let’s dive right in.

Russell, thanks for joining me again on the podcast. It’s great to have you back on the show.

Russell Gainford: Thanks, Josh. Great to be here, as always.

Josh Henderson: Of course. So, today we’re diving into a really important topic: how cloud-based technology strengthens resilience for governments.

Resilience is becoming a top priority for the public sector, whether it’s cybersecurity, disaster preparedness and recovery or organizational stability.

So, to set the stage, let’s start with a big picture question.

From your perspective, how would you define resilience in the context of government operations and technology, and why would you say it’s more critical than ever for public sector organizations?

Russell Gainford: It’s a good question to start. I would say when I think of resilience, I think of the tooling, the processes, the ecosystem, and the people that you’ve put together to ensure that your system’s not just up and running, but that if something unexpected happens, because you should always be planning that something could happen and keep track of the risk areas that you’re in, that you’re able to recover. And what does that mean for your business, and what are the implications in downtime?

Why is it more important than ever? Well, I think technology is continuing to be pervasive inside of the public sector. Systems are more interconnected than ever. When you get to citizen and constituent services, people expect them to be up 24/7.

They expect them to be there like Google is. Anytime you need it, it’s right within your grasp. And then I start to think about the emerging technologies and how they’re interconnected, and they’re used much more than what they were before, which was a nine-to-five for certain agencies within a desktop environment. And now they’re on phones, and now they’re interconnected all across everything that we do.

So, I think of artificial intelligence. What is artificial intelligence? Well, it’s providing you insights and deep knowledge, but it’s doing so based off a lot of data.

And that means that systems have to be available to update that data and keep track of it. So, there’s really no shortage of reasons why resilience and keeping systems operational 24/7 is going down in requirements. If anything, it’s growing in need. And what was once in the past of that we had to accept a certain amount of critical loss of operating time is now becoming a scenario where we can expect our systems to always be running regardless of the situation.

Josh Henderson: It’s a great place to start. Now, for years, many governments have relied on traditional on-premises IT services.

But when it comes to resilience, what are some of the key risks or limitations of sticking with on-prem solutions?

And how does a cloud-based approach address those gaps and provide a stronger foundation for continuity and recovery?

Russell Gainford: So, I’ve, for many years, dealt with managing on-premises systems as we move to the cloud and prior jobs and ownership of hardware. And they were great for a long time in that you were able to provide services to your organization and service your business, but they do have inherent downsides. A lot of it comes down to cost. I mean, you can do pretty much anything in a private data center. You could do in the cloud if you had the expertise and the budget to do it, which most people don’t because it’s expensive to do just for your organization.

And so, what does that mean? Well, it means you’re usually limited by one geographic region, and we can talk a little more about technical debt and things like that. So, you’re limited to this geographic region.

And when you’re in there, if an issue that occurs, whether it’s power supply or anything else, you’re usually cut off. You may have some backups. You may have some generators, networking, infrastructure. And I’ve always found that the way that private data centers work, you’re usually in this ecosystem of tooling.

So, you’re trying to manage the resilience, and then you have little issues that occur. Maybe it’s with the networking vendor you have. Maybe it’s with the power supply that you have. Usually, everybody’s pointing at each other.

You’re trying to find the root cause.

So, it in that scenario, it makes it a lot harder to manage and to segment your network and all the things that go along with that. So how does the public cloud provide that? Well, there’s lots of ways, but one is just the sheer scale of the hyperscalers in the public cloud. So, how many regions and data centers that they have?

And if we look at our partnership with AWS and you get down to a certain region, you get down to availability zone. Well, availability zone by itself within a region of the country may have five or six data centers, and then you get to another availability zone, and they’re usually separated by at least 50 geographic miles between those availability zones. And then you can go and roll over to other regions of the country. So, they’re dealing with a level of scale or a level of failover that is very hard to replicate inside of your own private cloud.

So, it provides economies of scale, and it allows you to leverage their services in a much more reliable and quicker fashion, if that makes sense?

Josh Henderson: It does, yeah. I think that paints a really nice picture of the difference between on-prem and cloud.

And across the public sector, we’ve seen how unexpected events such as natural disasters or cybersecurity incidents.

Those incidents can really strain traditional IT systems as well. What are some common challenges agencies face when relying solely on on-prem infrastructure during a crisis? And what are some best practices to help ensure continuity and resilience regardless of the environment?

Russell Gainford: Good question. So, when I think of that from an on-prem perspective, if you’re really trying to say, I’m going to protect my one physical location from a geographic natural disaster or force majeure or something that’s just unexpected occurs or a utility that goes out or anything along those natures. What does that mean? Well, it means you’re going to have to get a second location with some geographic differences large enough that you feel comfortable with it.

And in the traditional on-prem world, you’re usually paying for a separate copy of that hardware over in this other location. Now, it could be that it’s just shut off. It could be that it’s what they call a pilot light from resiliency where it’s running, but it’s not actually turned on, but it’s keeping the data in sync. There’s lots of different ways to do it, but it’s usually expensive.

You’re usually paying for stuff that you’re not using 90% of the time. And then you’re having to manage a separate facility that’s in another geographic location to handle it. It really is hard to see that as making sense from a budgetary perspective when we start looking at the public cloud. But whatever environment that you’re in, you can get yourself on pretty much the best technologies, but you have to plan for the unthinkable.

What are the things that are going to come up that could affect us? Whether it’s security, whether it’s natural disasters, whether it’s weather, whether it’s a vendor, whether it’s a tooling, if you can’t find the pinpoints and pain points within your environments that could affect your services, then one of them is inevitably going to come up. So now it you could sit down for days and think about all the possible things that can happen.

But when you think about best practices, start with what’s most critical. What is the most critical service you’re providing your citizens and your back office staff that could seriously impact and affect the output of your agency. Start there and then work your way down as time and priority permits. If you do that, let’s start with where we know will hurt the most if we have resiliency issues, and then you start working backwards from there.

You’re going to put yourself in a better space because starting with everything that you possibly serve at once, you’re not going to get very far. That is a big challenge to overcome.

Josh Henderson: It’s great advice. And now one concept that you touched on earlier in the conversation, and actually a concept we’ve talked about in a previous episode of the podcast, is technical debt. For those who don’t know what that term means, how would you define technical debt in the context of government technology, and how does it impact resilience, particularly for smaller agencies that may not have the resources of larger agencies? And how can cloud-based solutions help address those challenges?

Russell Gainford: I’ve lived and breathed the concept of what they say technical debt is for years because my background is in software engineering and engineering and architecture. And so, technical debt is a very common terminology, and it usually means your product has areas – or there’s code that you have – that causes you to use some workarounds and other code that you’d like, and it builds up this level of debt. So, we always have this concept inside Tyler that we’re always looking to burn down the technical debt. So, you say okay,

well, we have some here, and now we realize there’s a better solution. Let’s put it in a backlog and burn it down. And what does that mean for an organization as far as their systems? Well, in operations, you can also have technical debt.

That could be the processes that you have. It could be that you’re picking up operating a system that somebody else ran for 15 years and retired, and only they know the certain ways that it works internally. So, you’re running through these workarounds because you really don’t know another way to go through it. It could be that you’re running on certain infrastructure that is very hard to support and has constant outages.

So, technical debt certainly exists in operations and infrastructure and managing the systems that you have as well. So, when you think of that, you think of, do I have the people that know these systems inside and out how to oversee and operate them? Do I have the infrastructure to build give me the resiliency I have? And if you don’t for many of these things, it’s a level of technical debt that you’re dealing with historical situations that have carried forward.

Josh Henderson: Stay tuned. We’ll be right back with more of the Tyler Tech Podcast.

Hey there, Tyler Tech Podcast listeners. Let’s talk about something that’s becoming more important every day, digital access and accessibility.

As more public services move online, ensuring a seamless, user-friendly experience for residents is critical.

I’m here with my colleague, Jade Champion, to talk about our new white paper, Digital Access and Accessibility in the Resident Experience, that explores the challenges and opportunities in this space.

Jade Champion: That’s right. This white paper takes a closer look at the barriers residents face when engaging with digital services and how public sector organizations are addressing them with modern technology.

Josh Henderson: Whether it’s simplifying online interactions, designing intuitive systems, or making services more available across different devices, digital access is about creating a better experience for residents. And as technology continues to evolve, so do the strategies for improving public sector engagement.

Jade Champion: This white paper is packed with insights to help public sector leaders think strategically. It explores the role of technology in resident interactions, enhancing usability, and expanding digital reach, helping you gain a deeper understanding of today’s digital expectations.

Josh Henderson: You can download your copy today at the link in our show notes.

Jade Champion: It’s time to rethink how residents connect with public services, and it all starts with access.

Josh Henderson: Now let’s get back to the Tyler Tech Podcast.

So, you know, with those broader strategic challenges in mind, let’s get to the infrastructure itself. So, cloud technology plays a really foundational role in resilience, helping governments stay operational even in the face of disruption. But how does cloud infrastructure enhance continuity, scalability, and recovery in times of crisis?

Russell Gainford: Well, so many more ways. And so, let’s just start with when we talk about resiliency, people start going down and thinking about, oh, well, natural disasters. What about just a large peak load and usage on your system?

Maybe you have a deadline for some licensing registration, and it peaks up more than you’ve ever had in the past, and people are applying for your licenses, and the system goes down. It’s overburdened. Or maybe it doesn’t go down.

Maybe the performance degradation is just severe enough that people are just fed up and they abandon.

One of the things the cloud does that is fantastic is you can set yourself up with what’s called auto-scaling. So, your system can not only detect that there’s more usage and start spinning things up, but if you know when your peak times are going to be, maybe the last three months of this three month renewal period or three days of this three month renewal period, you can just set the schedule, and it’ll automatically add more hardware without having to pay for it for the whole three month cycle. So that’s one fantastic way. The other way is that you can set up your load balancing and you can run your systems in two geographic availability zones at the exact same time.

So, they have tools built in to manage that for you. So, if you determine this is a critical enough system and the cost structure that we just want it running active at all times where it’s just load balancing, you can do that. Another thing you can do is what’s called pilot light and disaster recovery services. So, you can literally have your one system, but it’s copying over to another geographic area in real time.

And if you discover something, you can literally click a button and the system will be up and running in 60, 70 seconds for an average system. And we’ve done five tests with 5,000, 6,000 virtual machines and had them up in under 50 minutes. So, the capabilities of not just the resiliency within your application and service that you’re providing, but also the resiliency of being able to move between different geographic locations is tremendous.

Josh Henderson: And beyond simply adopting cloud-based solutions, you’ve touched on the benefits of cloud versus on-prem, but what are some best practices you believe governments should follow to ensure their resilience plans are ultimately effective?

Russell Gainford: So, that if you have a plan and you have these resilience plans and you’re looking at what’s effective, one thing that we like to do with our operations is tabletop exercises. So, you can actually take your team and your IT team and say, okay, what if this happened? How would we respond to it? And how do we actually go through the steps that are necessary? You can even test it.

You should have regular resiliency DR-type tests on a cadence once a quarter that you’re going through in the systems that you have. But I will go back to what I said before which is, if you start saying every service that you have, that you’re servicing your agency, that might be a lot to go through once a quarter. So, you can take what’s called sample sizing.

So, you can say, well, this is really important for us, and we’re going to do that once a quarter. We’re going to do a tabletop. Do our documentation, our runbooks actually match what the failover plan is? And if it does, now I feel good.

I’ve gone on through that. Now I can go, and I can set up the next solution or service that we have. And one thing that I’ll also take guidance on this, just from the years of experience learning through it, is you have to consider dependencies.

So, sometimes people get very focused on, okay, this service, I just need to verify that from a resiliency perspective, I can move it or bring it back up so that it’s set to go. But sometimes people forget that that service is actually dependent on another service, and they actually have interconnected data and APIs that are going back and forth. So great, I just moved this service, but this service is actually down. So, it’s good to go through and look at what’s most critical, but you have to take a step back and look at, okay, what encompasses this service? And if I did take a resiliency move and I did a DR, I did something to that effect, what does that mean for the other services that may depend on it?

Josh Henderson: We’ve talked a lot about resiliency efforts as it pertains to things like cybersecurity threats, but cybersecurity is definitely a huge issue, challenge for government agencies. They continue to evolve. Cloud security is a very critical piece of that puzzle.

What in your experience have you seen to be the biggest cybersecurity risks facing governments today? And how does the cloud help to mitigate those threats?

Russell Gainford: Well, I mean, cybersecurity in general or even just organizational security is something that continues to be a focus area. And, you know, we work with tens of thousands of agencies across North America. So, you work a lot with clients and hear what they’re concerned about in their own data centers and what they’re focusing on. And so, ransomware is a big one. It’s one that you hear about as a top concern area. I mean, there’s also many other attack vectors that people need to consider, but I think when you look at what you’re trying to do with ransomware, one of the issues is something the cloud gives you is this network segmentation that you can kind of redesign and put your services up with software-based networking inside of a public cloud provider.

And, and it segments through identity access management and through the account segregation, segmentation that you’re actually able to keep these two systems completely separate from a network and access perspective, which, historically, I found as you work in public sector is that there’s a lot of history inside of these private clouds and these data centers. And so, a lot of these multiple different systems are really running together in one physical location, but they’re not segmented even on the network, which provides a larger concern, as far as the area of reach if a cybersecurity issue comes up. So, certainly, I would say ransomware is what we see the top feedback from clients that we work with, and they have discussions about in communities.

And then part of it’s not just that it is ransomware. It’s what is the blast radius? What is the vector of impact in these private cloud environments and how wide does it go if something happens?

Josh Henderson: Lots of important things to consider for sure. So, as we start to wrap up this conversation, I wanted to touch on improving resilience with an agency. So, before an agency can improve its resilience, it sort of needs to understand where it stands today. And you’ve touched on some steps to take along the along the way there. But if you could just touch on some targeted steps government leaders should take to assess their current level of resilience, especially when it comes to their tech stack or their tech infrastructure.

Russell Gainford: I’ve gone through some of this before, in years past.

And so, things that I have found are the most beneficial is who’s making the decision on what’s the most critical services. So, you should be able to go to your agency leadership, and you can use a stack ranking or a ranking based on the type of impact. If you have resilience issue as an IT leader, ask them, can you rank of all the services we’re providing? Which one has the most impact to us as an agency?

If I was from a public sector side, I’d probably break it down as what’s the most impact to our internal employee output, and then what’s the most impact to our constituents from a resident engagement perspective? Start with that. Figure out what we can what you consider the highest areas to focus on. There’s only so much budget.

You could take every service inside a public sector agency and make it active running across multiple regions, all three regions of the country at all times. And that is not the cheapest thing in the world to do. So, you have to stack rank on what’s most important and then start saying, okay, for the most critical service, how do we want to handle this?

You have all the technology tools inside the public cloud nowadays. If you want to do active, you want the 24/7 focus, you want the four to five nines, you can get those solutions to handle that.

But it’s there’s a cost factor, and there’s an operations factor, and sometimes there’s a refactoring factor to get to that point. So, stack rank, figure out what’s most critical, and start building your road map to go through this from a resiliency perspective. And then start to think about, okay, what’s my risk areas for within that critical solution?

Is it just that there’s a natural disaster, an issue in one particular data center availability zone? Is it the fact that I don’t know if this can handle the load that we’re looking at for the next two years? And you can start to build plans around that. You can say, well, these are the three things we’re going to do for the most critical system, and then this is what we’re going to do for the second system and build a road map.

You can get budget information on how to do cost modeling with inside the public cloud. And I’m sure most people that are running private cloud say they know how to do the cost modeling inside the private cloud for what they have today as well. It just might be more expensive. And so put that forward then back to the budgeting office and say, this is what we need to do, and you might be able to do the top three one year and do five more the next year, but it should be part of your DNA.

It’s not a one-time thing. It’s something where a good operations process every year as part of the budget is what are we doing to improve resiliency. And when something new comes in, how do we make sure that we’re incorporating it into our operational plans to make sure that the resiliency comes in in a good state and not something we have to fix a year later.

Josh Henderson: And now you touched on the idea of a road map a couple times there in that answer.

So, before I let you go, if you were to outline a road map to resilience, what would the key steps look like – especially for agencies looking to move forward in a thoughtful, phased, long-term way?

Russell Gainford: There’s the factors that I’ve already talked about, which is what’s the most critical, how do you go through that.

But if you’re an agency, also consider the fact that it may be that they have this five Rs of moving to the cloud, like the refactoring, the rewrite, and the replacement.

And so, I would look at what are your critical systems. And if they’re not available in the public cloud, maybe you do need to look at how do we move to a new system, a new SaaS-based solution. Because you can take a system that has five, 10, 15 years of technical debt in it and start mapping out. That certainly will work, and you can say over several years, we’re going to get this the resiliency level we want, but it’s going to be expensive. It’s going to be time-intensive for your team.

Or you could say, if we’re working on a product that doesn’t have a road map to move to the cloud and provide us a highly resilient system, then what are alternatives? Maybe we need to look at something that’s going to be invested in for the future and go that route. And then for whatever you have internal or things you’ve built yourself or things that you can’t replace in the near term, go back to that prioritization multi-year road map, what needs to be up all the time, what just needs a standard failover with a click of a button if it happens, and then you can work your way through that pragmatically. So, it’s almost a roadmap for your resiliency in some ways is tied to, for those in the private cloud, your road map to the public cloud. They’re tied together because as you move to the newer technology, it provides you so many more options for resiliency.

And don’t try to do it all at once. Bring them in together and say, this is what we’re doing as we go to the cloud. And that as we do that, we’re going to do a, b, and c, which is going to make the system much more resilient than it is today.

Josh Henderson: So many great takeaways for our listeners, as always. Russell, always great having you on the podcast, and as cloud-based solutions continue to evolve, as they will, we’ll have you back on to break it all down for us. Really appreciate it.

Russell Gainford: Thanks a lot, Josh. I appreciate the time today, thank you.

Josh Henderson: Thanks so much for joining us for this conversation with Tyler’s Chief Technology Officer, Russell Gainford.

As we heard today, building resilience in government technology means more than just recovering from disruption.

It’s about proactively identifying risks, reducing technical debt, and designing systems that can adapt as needs evolve.

With the cloud, agencies aren’t just building stronger defenses. They’re gaining the flexibility to adapt, recover faster, and keep critical systems running no matter what comes their way.

At Tyler, we’re committed to providing the cloud solutions and expertise that help governments build long-term resilience and prepare for the unexpected.

If you’d like to learn more about what we discussed today, be sure to check out the show notes for additional resources.

And we’d love to hear your feedback. Fill out the survey linked in the show notes or reach out to us anytime at podcast@tylertech.com. And don’t forget to subscribe, rate, and review the podcast so you won’t miss what’s next.

For Tyler Technologies, I’m Josh Henderson. Thanks for listening to the Tyler Tech Podcast.