Cloud adoption has become table stakes for companies looking to compete, according to the Harvey Nash/KPMG CIO Survey 2018. The report found that a strong majority, almost three-quarters of IT leaders, are now reporting investment in cloud. In addition, it’s clear that those leading on the digital transformation front are more likely to have already migrated to the cloud. Over half of digital leaders, the survey found, have invested in cloud, compared to less than a third of those who are not.
According to Sai Gadia, managing director, technology risk services at KPMG, there is a natural synergy between cloud and digital transformation, and the availability of more best-of-breed cloud native options for business users means companies will continue to be compelled to adopt cloud.
“As companies look to digitally transform both the front office and the back office, in order to improve customer experience, they find that legacy technologies are not nimble enough,” he says. “The cloud, on the other hand, offers an inherently agile ecosystem to leverage those capabilities.”
Who are the late adopters?
There are, of course, many companies that have yet to embrace cloud. These late adopters might have held off for some very good reasons, says Gadia. For instance, they may be companies in highly-regulated industries such as healthcare or government services. They may be concerned with issues such as the security of private health information or personally-identifiable information, and want to make sure cloud data is protected.
“It’s hard enough to protect data when it’s in the four walls of a data center,” he explains. “It gets harder when it’s out in the public cloud, so some companies have chosen to take a wait-and-watch approach.” However, the mindset toward cloud is shifting even in the regulatory landscape, with regulators coming back to say as long as the right security and privacy controls are in place, companies can use cloud service providers.
Late adopters may have other business considerations holding them back, however. For example, perhaps a company invested in building a modern data center a few years ago. “They may choose to wait until the current investment in hardware and software licenses reaches the end of life, because in certain cases that’s when you realize the most comprehensive benefits,” he explains.
In addition, the continuing maturity of security and privacy tools may be a factor. “Almost every week we hear about someone that misconfigured their cloud service and it led to a data breach,” he says. “Naturally, it leads companies with a conservative mindset to say hey, let’s wait; let’s let the dust settle down.”
Finally, disparate cloud solutions have become far easier to integrate than they used to be. “A few years back, there was no clean way to stitch together 20 different cloud service providers — it was possible, but more manual,” he explains. “Now, those tools have evolved to allow better integration of the whole cloud ecosystem as well as what you have on premise.”
Not only has the cloud evolution begun to help address some of the challenges that companies have traditionally faced, it has also become more cost-effective. Even those who went in as early adopters, says Gadia, may be ready to go full-throttle into cloud across the enterprise, after dipping their toes in the waters.
Next steps for late cloud adopters
First and foremost, late adopters should take advantage of the learnings from early adopters, harnessing the lessons those pioneers experienced on their journeys.
For example, companies should think through their identity and access management strategy: “Don’t work with 30 different cloud service providers without an overall cloud governance approach,” Gadia warns. “You have to think about how you are going to govern the use of the different cloud service providers, as well as how you are going to interconnect the islands of cloud service providers out there.”
Companies should also be careful about going all-in with a single cloud provider, particularly in the infrastructure and platform space. “Each cloud solution has their strengths and sometimes a single vendor may not provide all of that,” he explains.
The other lesson many have learned is around breaches related to the use of cloud services. For example, most leading cloud service providers now offer a variety of preventive and detective measures, so companies should leverage those.
The good news is, the late cloud adopters actually have a big advantage: That is, the maturity that has come from the newer cloud tools, and the ability to implement cloud in the right way. “They can actually leapfrog some of the time and investments made by the early adopters and potentially be in a similar spot in a couple of years, if they start now — so the good news is that all is not lost,” he says. “Cloud is also continuing to evolve, so it will only become more robust, more secure, and easier to use.”