Cloud migration has accelerated among businesses of all sizes in the last two years, driven in large part by the desire to become more agile, reduce operational costs, and increase innovation. Adoption shows no signs of slowing and the IDC predicts that most software vendors will have fully shifted to a software as a service (SaaS (News - Alert)) or platform as a service (PaaS) platform by the year 2018.
However, cloud migration poses a number of complex issues which are quickly outpacing the ability of most organizations to manage it effectively. Many have migrated into new environments rapidly but are now facing the challenges and complexities of managing fast growing applications and infrastructure in the public cloud.
Challenges such as governance, security, talent management, cost and vendor lock-in are some of the biggest roadblocks on the path to comprehensive cloud management. Plus, with the fast-and-furious pace of workloads, cloud adoption can quickly go from a dream IT initiative into a nightmare of out-of-control costs, a lack of adherence to internal policies and controls, reliability challenges, and, in the worst cases, data breaches and regulatory fines. Here’s how to take a strategic approach to managing these four key areas of cloud computing.
A recent cloud study found that top-performing cloud organizations are twice as likely to have centralized governance for migrating workloads. Though a lofty goal, getting governance to work for you can result in great things such as faster decision-making and simpler day-to-day operations, provided you strike the right balance between agility and control. As your cloud environment grows, it’s easy to lose track of all the moving parts due to disparate services, multiple service level agreements (SLA’s), pricing models, security controls, etc.
The goal is to maintain an agile environment and still leverage the benefits of cloud computing. Governance supports this goal by ensuring secure, effective and efficient use of IT resources. Just as you have policies in place to manage your business, governance helps optimize your cloud.
To implement a sound cloud governance program, start by creating guidelines that define appropriate infrastructure for each application, workload or environment to provide consistency across the organization. Consider all aspects of managing these workloads, including cost, availability, performance, security and usage. Define governance rules that target thresholds for when applications and their supporting infrastructure deviate from your desired state, such as when an application is projected to overrun its budget, deviates from its required security, or when it is not properly balanced for disaster recover.
Proper governance helps manage cloud cost, availability, security, and usage across multiple applications, teams, and products. It’s a surefire way to help keep cloud programs on track, and avoid stalls – or even failures – in adoption.
As mentioned, the race to reap the benefits of the cloud can result in missteps and contention if you don’t first lay the groundwork for success. Security is no different. Organizations open themselves up to security risks resulting from mistaken or non-compliant changes. This trend has driven cloud providers to make substantial investments in security that, when adopted accurately, can make the cloud more secure than on premise.
The misconception is that these rich security offerings are a “do it for me” option, when in fact there is much ownership delegated to the customer. Security starts with people. No matter how secure the environment, a malicious or misinformed insider can do more damage than any external hacker. Gartner estimates that, by 2020, 80 percent of cloud breaches will be due to customer misconfiguration, mismanaged credentials or insider theft, not cloud provider vulnerabilities. The ease in which security changes can be made in the cloud, and the frequency of these changes, makes it critical to be continuously monitoring for adherence to internal security policies and best practices.
The risks in lack of security have never been higher, so practicing proper identity and access management is paramount when it comes to securing the cloud. Using a platform that can automatically run policies to help enforce compliance and can alert you before issues arise is a good bet to get ahead of issues and be prepared.
Cloud cost management is more than just dollars and cents; it’s a complicated equation that consists of several moving parts – utilization, performance, security and availability, just to name a few. These factors in the sprawling cloud ecosystem, when evaluated correctly, can equate to overall cost. As cloud usage scales, it's important to adopt processes and methodologies that continue to harness agility without imposing undue overhead. Companies often hit a cloud wall when scaling usage, as their ability to manage secure and optimized infrastructure can no longer keep pace with usage.
A solution to this is early adoption of a centralized governance role. Lightweight centralized governance will help drive faster decision-making, simplify day-to-day operations, and enable team members to focus on their core responsibilities – namely, adding business value. This equates to clearly communicated ownership and ROI between departments to create and share cloud cost analysis reports across lines of business. Breaking down your cloud cost and allocating to business groups via governance for validation, and ultimately a clear forecast of monthly spend, will give constant visibility into the otherwise murky waters of cloud spend.
Most business models rely on customer retention and new business streams. The same goes for SaaS vendors. The continuing IaaS-to-PaaS evolution, along with the concept of “data gravity” (i.e. the notion that data, at large sizes, is difficult to move), make vendor lock-in hard to avoid. Customers, meanwhile, are increasingly seeking freedom of choice.
While there is no clear strategy for breaking free from vendor lock-in, many companies are adopting a heterogeneous cloud model which combines best of breed services from multiple cloud providers. Accepting the vendor lock-in that comes with specific services in return for the benefit of their superior features seems mournful – unlike the winner-takes-all scenario, it presumes the diversity of services being offered. Ultimately, as cloud providers move up the application stack, we will see a result in a differentiation of clouds at a service level that encourages the use of a multi-vendor solution.
The complexity of migrating to the cloud, or even cloud maintenance, can be overwhelming, but when you implement best practices in order to deliver accurate insights, amazing things can happen. The goal of many companies is to become more agile, reduce operational costs and improve overall collaboration – all of this can be done with proper cloud management and partnership with the right service provider.
About the Author
Joe is CTO and Founder of CloudHealth Technologies, one of the fastest growing companies in the emerging Cloud Service Management field. Joe is focused on helping organizations realize the full potential of the cloud, without having to sacrifice cost, performance, availability, or service level. With 20+ years of experience delivering software for companies of all sizes, Joe sees CloudHealth bringing the cloud to the enterprise by enabling the next generation of IT service management for the cloud.
Edited by Alicia Young