The ladder to the cloud is missing a few rungs. At least, that is the conclusion of 276 IT professionals recently polled in a survey commissioned by Sungard Availability Services*. In the survey, the top three reasons indicated for why cloud computing implementations fail were:
- lack of understanding of cloud security and compliance (indicated by 56% of respondents)
- lack of clearly-identified business objectives for migrating to the cloud (55%)
- lack of planning (42%)
Those are three gaping holes in the ladder to a successful cloud implementation, and I believe that mistaken beliefs are at the core of each one.
Mistake #1: The cloud is different from other information technology.
“The cloud” sounds so nebulous. How do you secure something you can’t see or touch? How can you wrap compliance around something so ambiguous? How can regulations be applied to virtual machines?
Stop. The cloud is still based on hardware and application infrastructure – all the stuff IT people have worked with for decades. For a successful cloud implementation, you just need to do something you’ve probably done a dozen times before: create a strong, well-defined roles and responsibilities matrix around all the different security aspects that are in effect in the cloud. This might include who protects data at rest and data in motion, and who handles security at the network, application, storage, and compute levels. Take away the word “cloud” and this becomes familiar territory for IT – and should be treated as such.
Chances are, security will be a shared responsibility between cloud provider and client company. Most companies approve of that, because it affirms that they do not lose control just because they move to the cloud. Figure out ahead of time who does what so that there are no unwelcome surprises (or breaches) down the road.
Mistake #2: “Everybody is doing it” is a good reason to move to the cloud.
All too often, key leadership decides that “we need to move to the cloud because the cloud is the wave of the future.” No other reason is given, and – because key leadership had issued the decree – no other justification is required.
But “everybody is doing it” is an insufficient reason to move to the cloud because it is not a business objective. Business leaders need to do the same thing we just told the IT people in the previous point: forget you’re dealing with the cloud and treat this just like any other proposition. Sit down, weigh the pros and cons, and figure out if you have real, definable, specific business objectives that the cloud can help you fulfill. For instance, you may want to lower costs by X% or achieve near-zero recovery time objectives (RTOs) or recovery point objectives (RPOs). How will you know if you had a successful cloud implementation unless you have something to measure? Business objectives tell you what your metrics are going to be.
Mistake #3: Our people are technically savvy – they can figure this out.
I have no doubt that your IT people are skilled, experienced, and intelligent. They probably have the technical acumen necessary to do many of the tasks related to cloud migration and implementation. But that doesn’t mean they have the ability to create an end-to-end cloud implementation plan.
It’s time to be practical here. Cloud implementations have hundreds of moving parts. Planning has to take into consideration all of those parts: all the interdependencies have to be mapped, the timing for each part of the migration has to be perfect to avoid business interruptions, the applications have to be made cloud-ready, etc. And on top of that, a solid methodology for cloud implementation needs to be selected, aggressive program management needs to be executed for the duration of the implementation, and contingency plans need to be built in at crucial junctures. It is next to impossible for people to create a thorough, comprehensive cloud implementation plan when they haven’t done it before.
There’s a learning curve to planning effectively for cloud implementation, as there is to every other skill in life. Unless you are willing to contend with the inevitable mistakes your internal staff will make as part of that learning curve, it would be wiser to partner with a third-party with multiple successful cloud implementations under its belt.
Replacing the rungs on the ladder to the cloud
Three rungs missing. Three mistakes made. What it all comes down to is this: businesses need to treat the cloud exactly the same as any technology enhancement. Cloud adoption may include a number of desirable benefits, but you have to think of it as just a new technology architecture: nothing more, nothing less. Get specific about security. Get detailed about business objectives. Get smart about planning. With those rungs back in place, you’ll find climbing to the cloud a breeze.
*The survey, commissioned by Sungard Availability Services, was conducted by SurveyMonkey Audience. The survey reached 276 IT professionals and was completed in December 2014.
This article was previously published on Sungard Availability Services.