BrandPosts are written and edited by members of our sponsor community. BrandPosts create an opportunity for an individual sponsor to provide insight and commentary from their point-of-view directly to our audience. The editorial team does not participate in the writing or editing of BrandPosts.
By Robert Christiansen
Is your business transitioning from on-premises infrastructure to multi-cloud, hybrid cloud, or both? If you answered yes to any of these, you are embarking on the single most significant technology shift your company will face over the next decade.
Whether you are looking to move one workload or shutdown an entire data center, the transformation is complex and full of difficulty. Successful cloud adoption dictates a razor-sharp focus and a detailed blueprint, as a single misstep can become costly and time consuming.
I suggest following these five best practices to increase your chances of success.
1. Make a cloud-firstcommitment
A cloud-first commitment means that all your applications should be in the cloud – either in a public cloud or on premises in a private cloud. For example, many businesses are moving all their applications to the public cloud unlessthere is a compelling reason to remain on premises. Of course, due to cost, security, or governance concerns, some applications or data may need to stay on premises. In that case, setting up a private cloud that easily integrates with your public cloud is the best option. Either way, you must prioritize a cloud-first strategy in order to reap the full benefits of your public cloud or on-premises private cloud.
A cloud-first strategy ensures that your organization will dedicate the appropriate resources needed to make necessary changes. Cloud-first also requires assigning dedicated teams and funding your cloud program properly. This means team members should only work on cloud-related activities, and they should focus entirely on getting the enterprise to the cloud securely – not just kicking the tires with a proof-of-concept or a pilot program.
2. Know your cloud economics
Understanding the economics of public cloud adoption seems like a no-brainer. However, I’ve found that more than 50% of enterprises do not take the time to determine the business case for moving to the public cloud, probably because they “already know” it’s a good thing. Nevertheless, an organization gains valuable insights by building a business case to improve their understanding of cloud economics.
Public cloud economics fall into two separate buckets. The first is a total cost of ownership (TCO) analysis along with hard cost savings – a like-for-like replacement of on-premises services with cloud services. When determining your current costs, look at the whole package, not just server-for-server comparisons. Cost considerations should include the following: hardware, networking, downtime, upgrades, disaster recovery/business continuity, service level agreement penalties, deployment, operational support, performance, selecting vendor software, requirements analysis, training, integration, quality testing, application enhancement, bug fixes, physical security costs, contracting, replacement, and other risks.
The second bucket of cloud economics includes agility and other soft benefits. For example: What is the benefit of having highly flexible, agile infrastructure? What is the financial impact of decreasing provisioning times from months to hours? How do you measure the impact of productivity?
3. Discover the inner-workings of your application estate
Cloud environments like AWS, Azure, and Google are not fully backward compatible. That means you won’t be able to move all of your applications to these clouds. Depending on the importance of these applications, you will need a hybrid cloud network where the public cloud provider connects to a private cloud via complex technology. With the proper integration between your public and private clouds, the two different environments can work together well – but you must set up the integration properly.
Data has gravity; therefore, a realistic view of the estate and the risks of moving that data must be weighed in context of your overall risk profile. Sometimes, the interconnections between apps and data are so complex you will need to keep them close to the data.
The challenges with hybrid cloud networks include latency as well as the volume of data transmitted through the network. Simply put, you can cripple your cloud program if you don’t have a thorough understanding of the mapping and data volume between application dependencies. Many organizations rely on outside cloud experts who use automation and numerous tools to make this process easier.
4. Perform a security and governance gap assessment
The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. The CSA’s Cloud Controls Matrix (CCM) serves as a baseline of control objects for cloud computing in the enterprise.
Repeatable patterns of reference architectures form a baseline for you to assess security and governance gaps in your cloud program. Performing a security and governance gap assessment means looking at your control objectives against a known standard, such as CSA’s matrix, and documenting the gaps in your controls against accepted best practices. Instead of building your security reference architecture from the ground up, you can accept a baseline and make minor changes to meet your specific needs.
5. Plan for continuous compliance
Consumption-based, cloud models require a new level of governance because legacy change controls are too slow. Instead, you need continuous compliance, in the form of software that is constantly looking at your environment and controlling the consumption and usage of cloud services.
For example, AWS EC2 servers and attached storage (EBS) form the basic server/storage configuration. If you delete a server and do not specifically tell AWS to delete the storage, the storage is orphaned. Over time, orphaned block storage becomes a risk to the company. Unless properly governed, unknown storage volumes cost money and can contain sensitive data.
Continuous governance is a combination of security, risk, compliance, and finance controls that are implemented using software. And like any software controls, managing the profiles is where you gain your greatest benefits in the form of consistent, repeatable outcomes with fewer errors.
Best practices are just the starting point
Following these five best practices will start you on the road to a successful cloud transformation that integrates well with your private environment. But remember, successfully navigating this transition is difficult. Before starting your overall cloud program, make sure you have assembled a team with the experience, tools, and processes necessary to execute the move successfully.
Robert Christiansen is a cloud technology leader, best-selling author, mentor, and speaker. In his role as VP, Client Advocate, Robert is a key member of the HPE CTO Office. His client base includes Fortune 500 and Global 2000 customers, and his team’s leadership model encompasses the entire IT transformation journey, from inception to execution. To read more articles by Robert, please visit the HPE Shifting to Software-Defined blog.