This article was first published in The new IT playbook, a report that explores what it means to be resilient and adaptable in the face of disruption.
The global pandemic has pushed a lot of cloud initiatives off drawing boards and into action. Far-flung organizations are using cloud apps to connect people and handle key business functions. Governments are moving constituent services online. Food retailers are adding cloud instances to support online distributions and inbound customer requests.
For many, cloud has saved the day―at least for the time being. But for how long? Has the rapid acceleration of cloud adoption invited problems down the line? Have some organizations moved to the cloud so quickly that they’ve skipped valuable steps that could help them build secure, sustainable, efficient, and cost-effective cloud operations in the future?
If your business migrated to the cloud faster than it originally planned to, now might be a good time to take a breath and reassess. Look at the steps you’ve taken, evaluate how well things are going, and develop a detailed, methodical plan to ensure that cloud will be serving your needs well after the current disruption.
Here are seven things to do to optimize your cloud for the long haul.
Start with why
In the book “Start with Why,” author Simon Sinek stresses the need to set honest, relatable end goals for any situation. “People don’t buy what you do; they buy why you do it,” Sinek writes. So, organizations should ask themselves: Why move to the cloud? Just because we can do it, should we?
The short answer most executives will give during the pandemic is that cloud enables their business to solve an immediate problem. Cloud can connect our workforces. Cloud can make sure the website won’t crash during heavy usage.
Short-term fixes can be accomplished by moving around a few workloads. But cloud, done correctly, is a long-term process that requires a long-term view of how it will benefit your organization and a clear vision for the role you want cloud to play as part of your broader IT strategy. Do you want your company to be known as an innovator that breaks new ground with every product introduction? Would you rather be a low-cost leader? Do you want to ramp up your use of data? How much risk are you ready to take? These are questions you’ll want to ask as you develop your cloud strategy.
Moving to cloud just because you can, or because you need to solve a short-term problem, doesn’t position you for long-term success. Understand what you want to be and why cloud can help get you there.
Cloud projects promise all kinds of benefits. But they also can be scary for some in the organization because they require people to change the way they do things.
If your team rushed into the cloud, there’s still time to get naysayers on board. Start by bringing key stakeholders together―in the same room, if social distancing guidelines allow. This gives everybody a chance to not only ask questions and debate future plans but air potential grievances about processes, roles, tools, and other things a cloud-driven business has to adopt.
At HPE Pointnext Services, we use a structured three-day workshop that trains executives in the finer points of our Cloud Adoption Program (CAP). We involve leaders from a variety of disciplines―everybody from C-level executive sponsors to application owners to finance, security, GRC (governance, risk, and compliance), central IT operations, infrastructure coordinators, and database engineers. Getting all the factions aligned is a critical first step in an initiative as important as cloud adoption.
Establish a “Cloud Business Office”
A lot of cloud engagements start in individual departments―with one person paying for an Amazon Web Services (AWS) or similar implementation using a credit card. That has probably happened often during the work-at-home period. One instance turns into three, and soon there are 30 implementations, all operating without central control.
Establishing an office to coordinate all cloud activities eliminates a lot of confusion. Cloud projects are long, complicated, and challenging for any organization―particularly ones that have been operating with legacy infrastructures and outdated processes. We’ve found that the inability to make informed decisions presents the most formidable blocker to moving cloud projects along. Putting a team in place that can make decisions quickly removes―or at least mitigates―that blocker.
The Cloud Business Office is more than just a cloud center of excellence. It’s a permanent operational and governing body that directs and guides all aspects of your cloud program, from the first implementation through ongoing operations. It brings together leaders with vested interests―all aligned to serve the cloud customer: the business unit or software owner.
Address security and governance early
In a recent survey, security issues present the biggest barriers to public cloud adoption. Organizations that rushed into the cloud should take note: This finding indicates that security and compliance need to be addressed early and tended to throughout an implementation.
What’s often missed is the process of assessing security and governance control objects that map to the repeatable patterns in companies’ reference architectures. Control objectives vary significantly from company to company, depending on which industry standards a particular company needs to follow. The challenge is understanding how these standards and regulations map to a specific cloud program.
HPE maps a Cloud Controls Matrix developed by the Cloud Security Alliance to the repeatable architectures on AWS, Azure, and Google. Determining the gaps in your controls and technologies against accepted best practices is a huge time-saver. Rather than build your security reference architecture from the ground up, you can create a baseline and then adapt to meet your specific needs.
Ensure continuous compliance
Organizations moving to the cloud can’t continue to rely on the compliance frameworks they created for their legacy architectures. The tools and processes used for identifying, assessing, and complying in data center environments aren’t well suited for cloud implementations. Using the standard change management and controls approach doesn’t work. Cloud’s new consumption-based model requires a new level of governance where compliance is managed continuously.
Continuous compliance means automating the compliance chain wherever possible to provide a single view for regulatory and corporate compliance, security, risk, and governance. Operating with real-time monitoring and remediation, a continuous compliance model reduces the number of issues organizations need to address. It provides tighter operational security to give customers better visibility into risks before they become critical.
HPE has channeled its vision for continuous compliance into software that constantly looks at customers’ cloud environments and controls the consumption and usage of services in their cloud. The controls are implemented using “software signatures” that check for specific governance and compliance requirements.
Consider the economics
Many enterprises that push their way into the cloud do so, in part, to save money. Cloud offers clear financial advantages over on-premises environments, based on customers’ ability to dial services up and down depending on need.
But cloud customers should keep a close eye on their bills. They can easily end up spending more if they don’t pay attention. It’s like when you go shopping and you buy a two-for-one special: It looks like a good deal, but you do end up paying more because you bought two items rather than one. With cloud, you can easily buy more services than you need.
Organizations can use various tactics to keep their cloud bills under control. They can reduce the amount they consume by promoting efficiency and right-sizing their computing instances to appropriate levels. One way to reduce consumption is to manage the uptime of your environments more efficiently. Unlike in on-premises environments, where provisioning resources tends to take months, cloud users can deprovision idle resources in minutes and avoid paying for them without negatively impacting productivity.
Organizations can also get price breaks by pre-purchasing capacity up to a level they’re certain they can use. Enabling autoscaling prevents you from overprovisioning for the peaks and reduces costs when there are minimal loads on the application. Storage can be managed, too. Take advantage of cold storage for your archives and limit the use of premium storage for mission-critical production environments.
Stay agile, take control
While there are many tactical actions you can take to control cloud costs, there’s an opportunity to think more broadly. You can take steps to make the most of your investment not only in the cloud, but also in your whole IT footprint, while retaining agility and control.
The world is going hybrid. Certain applications are perfect candidates to migrate to the cloud; others aren’t. Organizations are bursting applications to and from the cloud, and they’re maintaining multiple cloud and on-prem locations. Analytics can be done in one place with reporting in another. Agility is the new norm.
To succeed in this new hybrid environment, organizations need to juggle a lot of initiatives. They must maintain operational discipline, stay compliant, and support an appropriate spend posture. These functions should be automated. It’s hard to do that in one environment―on premises or in the cloud―but even more challenging across environments.
At Hewlett Packard Enterprise, our vision is to bring the cloud experience to your applications and data, wherever they may reside. You should make decisions about where they reside based on what makes most sense for your organization at any given time, around critical factors such as security, latency, governance, and economics.
But wherever your workloads sit, you should have the simplicity, agility, and economic flexibility that has come to be synonymous with public cloud We call this HPE GreenLake. There are modules for compliance, cost control, and other functions that can help provide visibility and mitigate these concerns. Resources are allocated as a service based on need across environments, on a managed services basis.
Planning for the long term
So you’ve moved to the cloud: Is your work done? Given the considerations outlined above, it clearly isn’t. For many organizations, the pandemic has pushed cloud to the top of their agendas. They’re seeing immediate benefits and pursuing plans to make cloud a bigger part of their business processes going forward. But fast adoption is no substitute for careful long-term planning.
As we prepare for the future, now is the time to ensure your cloud journey is headed in the right direction.
Copyright © 2020 IDG Communications, Inc.
Send your news and stories to us firstname.lastname@example.org or email@example.com and WhatsApp: +447747873668.
Before you go...
Democratic norms are being stress-tested all over the world, and the past few years have thrown up all kinds of questions we didn't know needed clarifying – how long is too long for a parliamentary prorogation? How far should politicians be allowed to intervene in court cases? To monitor these issues as closely as we have in the past we need your support, so please consider donating to The Climax News Room.