At a virtual seminar on 9 June 2021, sponsored by managed IT service provider Sungard Availability Services, eight senior IT decision makers gathered to discuss how organisations can accelerate their journey to cloud computing.
The seminar was designed to enable the participants to share their experiences, discuss what best practice looks like, and explore the ways that obstacles can be overcome and progress encouraged.
It’s clear the cloud offers many real benefits such as agility, resilience and cost savings. However, it can also be a source of considerable frustration. Often there is a disconnect between expectation and reality, leaving people disappointed.
And finding the right way forwards for a particular organisation can also be hard. There are frequently more questions than answers when it comes to finding the best way to progress. For example, the pandemic has accelerated the desire to change, but people are often hesitant about change because they have been put off by their own or other people’s previous experiences.
Even developing a strategy can be problematic. Some organisations have a “public cloud first” strategy. But in reality, some of their individual apps may need a more nuanced approach. For example, apps that involve very sensitive data may need to be hosted on premises, or in a private cloud for increased security levels.
Defining a cloud strategy is time-consuming. And the market and technological options will change while you are doing this. So defining the final outcome before you start your strategy is impossible. Rather, the approach should be to define the objectives of any move to the cloud and understand how they align with wider corporate goals.
There are a number of market pressures driving cloud adoption. Some of these result from the pandemic – a realisation that agility and resilience are critical, for instance. Another thing that is driving cloud adoption is that more data is being captured by organisations. Storage in the cloud is often more convenient.
Sustainability is an important driver. Sustainability credentials are often attached to cloud computing. But for these to be useful you need to be able to measure them. It isn’t always easy. For example, the technology may be sustainable from an energy consumption perspective, but for the whole project to be sustainable much will depend on the organisation supplying the technology. Is it sustainable as an organisation? And how about its suppliers?
Risks and rewards
Ultimately it is likely to be top management – the board – who sign off a move to the cloud. But boards are a challenge: they often don’t understand technology or cyber-security. It’s generally simple to explain the benefits in theory: less hardware to manage and fewer capital investments to make and manage.
However, there is always a cost to moving to the cloud. And so a big problem is “bill shock”. This means that the benefits need to be quantified in financial terms. Unfortunately, it’s only once you have moved to the cloud that you can get a real handle on the costs and savings.
That’s because moving to the cloud is very different for each organisation. Different goals will have different requirements. Different providers will provide very different services and indeed different types of options around management and security.
One example here is that the design for security can be very different. There will be options to choose around how much security control you are going to delegate to the cloud providers.
This mean that choosing the right supplier will depend on what you want to achieve, how much risk you are prepared to take, the options and service levels defined in the contract, and of course the costs of the contract, including any variations over time.
Making it happen
Not all clouds are equal and not all ways of using the cloud are equal. Indeed the cloud will not always be appropriate. But if it is decided that moving to the cloud is important (as it is likely to be for at least some part of every organisation) then you will need to be clear about goals.
It’s fine to engage in a “lift and shift” just to please the board, but don’t expect major savings. If you want to go further and restructure business architecture to operate more efficiently in the cloud then a greater level of transformation will be possible, but with a greater level of effort to achieve it.
An important consideration is who to partner with. Organisations can manage the move to the cloud on their own. But many will prefer to work with specialists who can point out the pitfalls. When doing this, some organisations will use one cloud provider. But others may use several, each of which has different strengths in enterprise level apps, serverless features or data analytics.
Even when partnering with specialist organisations IT teams will need to be retrained in order to have the in-house capability to manage cloud services.
And as well as knowledge there is a need for cultural change. Senior people are often frightened by technology (if they don’t have a technology background, they may not wish to expose this lack knowledge), and so they may want to prevent or slow change.
You can address this cultural problem in two ways. First you can simply say “trust me, we need to do this”. Or you can take them through a series of scenarios that demonstrate the reasons for using the cloud which you prove with a cost-benefit analysis. Either way you will need to get the majority of senior decision makers on side if you want to have a chance of making progress.
What are the challenges? There are many from an organisational perspective. A lack of clarity about aims. Indecisive leadership. A lack of success followed by reduced confidence. Poor communications. A limited budget.
But there are very specific challenges from the technical perspective. These include security and resilience. The biggest, however, is managing the transition. You still have to communicate with on-premises systems. And if they are out of date – for example, if they can’t use the latest secure connectivity – then you have issues that will be hard to resolve. There are other issues to be aware of too: key and certificate management; understanding who is responsible for system management; system monitoring and how to get the data; and access management, which is much more complex in the cloud.
One particular challenge is regulation. Regulators, who previously focused on industry requirements or issues of privacy and security, are now trying to add a new area of competence: sustainability. This will add complexity. Another area regulators are increasingly getting involved in is concentration risk. When too many critical services are managed by too few providers there is a danger that things can go wrong for a large part of the market if just one provider experiences problems. So it is very important to be aware of how regulators need to be managed.
Perhaps the greatest challenge to manage is technological risk. Many of the threats caused by the move to the cloud are not yet understood. Experience will help. But it will also highlight when things go wrong and that will slow adoption. The problem here is that even the strongest and best-managed service can break. A useful lesson, though, is that this is as true of on-premises applications as it is of the cloud.
One way through this is to start by implementing an internal cloud migration that uses a private cloud hosted on-premises. The experience of doing this can then be used to build a roadmap for public cloud migration.
Keeping things going at pace
Once an agreement has been taken to use the cloud and things have started to move, there is a real need to keep them moving. Again, this is a problematic area. But there are things that can be done to maintain progress.
Stakeholder meetings are critical. The requirement is for all stakeholders to be involved, to feel they are part of achieving success and that it isn’t just down to the IT team. A tactic here is to delegate much of the communication to non-technical teams.
Another strategy is to trumpet success. This doesn’t have to involve big wins. It can be progress in small stages as the project moves along. Starting slow and showing early success is far better than moving at speed and trying to get everything done in one go.
Finally, it’s important to address people’s concerns. Getting people round the table early on, discussing their issues and reassuring them will be important. But this needs to be done continuously throughout the process of migration to the cloud.
The meeting concluded by agreeing that there were four key themes that had been discussed.
First was an acceptance of the importance of clarity. Identifying the goals of cloud migration was essential. These goals needed to be consistently held across the whole of the organisation even if they could change over time.
Second, the importance of sharing knowledge was agreed. This knowledge may be held internally but it should also be available externally from partner organisations. Communicating knowledge and championing change will be critical to success.
Third, while migration to the cloud will affect and involve the whole organisation, the IT team has a particularly important role to play. They will be the champions of agility and security within the process, and they will also be important advocates of the change required.
And fourth, it is essential to keep people’s confidence in the process of migrating high. This involves constant trumpeting of success. If people believe success is achievable it is far more likely that the many benefits available from a move to the cloud will be achieved.