The rapid shift to cloud services in recent years has given organizations unprecedented flexibility, scalability, and enabled them to continue their digital transformation efforts. It has led to complex, intermingled strategies that could diminish the cloud’s luster for many.
Enterprises don’t typically deploy one cloud service and call it a day. They depend on multiple offerings from different vendors for everything, from procuring key business apps to creating new development environments to managing their entire IT infrastructure.
The multiple/hybrid cloud strategy can result in complexities and challenges that many IT and business leaders didn’t see coming. And this can be made all the more difficult when various business departments and groups use the cloud without central IT’s approval or knowledge.
These are some of the challenges and complexities that cloud environments can present to organizations. Here are some ways that organizations can overcome these obstacles.
Controlling your costs
Cloud costs can quickly spin out of control, especially when departments outside central IT add to the organization’s overall cloud footprint. However, cloud cost reduction is one of the main benefits of the cloud. Organizations should not allow multicloud strategies to lead to runaway expenses.
One solution is to create cloud governance programs.
“Governance is not a fixed process or tool,” says Antonio Vazquez, CIO at business process automation platform provider Bizagi. “Governance programs can be structured and managed in many different ways, and they are critical to a successful cloud strategy. Moving to the cloud means that we need to manage change to reduce risk and cost, with governance as the top layer to facilitate that change.”
It’s a good idea to start small and then expand the governance plan, Vazquez says. To get the most out of cloud providers, partner with them, hire cloud-related people, move toward DevSecOps methodology for cloud-based programming, and properly document and communicate the governance program.
“This change in paradigm makes it very complex to navigate, and the only tool that we have is governance,” Vazquez says. “A strong governance plan that includes best practices like tagging, workload management, RACI [responsible, accountable, consulted, and informed] matrix, rightsizing, cost management, security monitoring, etc., will provide the necessary tools to steer the boat and navigate complex cloud management.”
Sumit Johar is the CIO of Automation Anywhere. He says that fragmented investments into cloud services without a clear strategy can lead to long-term costs and management problems. “On the business applications side, organizations are facing an explosion of SaaS [software-as-a-service] applications,” he says. “A decade ago, an organization may have used from 20 to as many as 50 apps. But now the average is 250-plus apps.”
Since subscription-based cloud applications don’t need any IT infrastructure, a line of business such as human resources or marketing can buy their own, Johar says. “CIOs must ensure that procurement of these applications goes through an IT-led vendor risk assessment process,” he says. “Governing apps within an organization is becoming a greater challenge, and CIOs must put policies in place for business-led applications.”
Security risks addressed
IT leaders have been worried about cloud security for some time. Cloud environments are becoming more complex and the challenge of protecting data, applications, and other information in the cloud has never been greater.
“Security management has become one of the most critical issues for companies moving to the cloud,” Vazquez says. “On top of that, the pandemic has brought higher complexity to the environment in terms of employee dispersion.”
Bizagi has now changed from a working model where all employees could access on-premises system from the office via a corporate networking to a model where employees can work remotely using any device and access cloud resources.
“This change in paradigm has to be addressed by approaching security from a different standpoint,” Vazquez says. “In our case, the strategy is migrating to a cloud-based secure access service edge and zero-trust service model.”
Bizagi still maintains some legacy systems on-premises and in a private cloud. However, its strategy is to move most of its services to a public cloud for applications such as CRM, billing, project management, ERP, and project management. It also uses the cloud to host its own low code automation platform and web platforms such as Ecommerce.
Pitney Bowes, which is a provider shipping and mailing equipment, monitors its cloud configurations continuously for security issues.
“We implement this scanning across the entirety of our cloud footprint, and link the output into our centralized security incident and event management system,” Fairweather says.
One of the mechanisms the company uses to ensure security of products and services is a common security scorecard approach that each team maintains, and that a senior team reviews with the application development team on a quarterly basis.
“The use of a numerous automated scanning tools, a common — and automated — scorecard to show results, and imparting accountability to teams to own the outcomes and be part of a quarterly review of their scorecard all have led to a significant improvement in our security posture over the last several years,” Fairweather says.
Workarounds for the worker shortage
Lots of organizations are continuing to deal with the “Great Resignation.” But in the case of IT jobs, often there is no one to resign because positions remain unfilled in the first place. While technology professionals, including those who are experts in cloud-related areas, are in short supply, demand is high.
IT leaders must still find ways to attract and keep people who understand cloud architecture, cloud service platforms, languages and application programming interfaces (APIs), security, containers, data migrating, and many other aspects.
“Managing cloud environments is different than managing on-premises environments, and requires a diverse skill set,” Johar says. “CIOs must build a team with unique skills in addition to continuing to upskill and reskill IT teams to work in cloud environments.”
Handling changes in responsibilities
The rise and popularity of the cloud is changing everything about IT, including the responsibilities of CIOs. They might fail if technology leaders and their teams continue to do things the way they did before the cloud emerged.
This doesn’t mean IT management is no longer needed. In fact, with the growing complexity of multicloud strategies, IT’s guidance is needed more than ever.
“The CIO’s role is changing from ‘build and control’ to ‘guide and inspire,’” Johar says. “Our new role requires us to allow citizen developers from business teams to share some of the traditional IT work with proper oversight from our IT team.”
Automation Anywhere is a “cloud-first” company Johar says, and many of its customers are embracing the cloud version of its automation platform. “Therefore, it’s important to me that we also fully embrace cloud internally within our global organization, and tap into its benefits,” he says.
The majority of the organization, including IT infrastructure, network service, and almost all its business functions, uses SaaS applications along with cloud infrastructure. Johar, as CIO, has the opportunity to enable these services and manage the complexity through strong leadership.
Microservices management
The complexity of managing microservices is increasing with the rise in cloud services. Emily Lewis-Pinnell, who heads the cloud practice at NTT Data Services, says that microservices are becoming more complex. Microservices allow for rapid application advancements and require new management methods, especially as they continue scaling rapidly, she states.
Lewis-Pinnell states that application sprawl can lead to inefficiency and a loss of productivity, as well as security risks if the applications are not updated properly. “Businesses need to have a balance between adopting new technology and retiring the old, as well as strong management and organization, or their application footprint can quickly grow to be unmanageable,” she says.
NTT Data has recently collaborated with Volusion to create microservices. “We applied infrastructure-as-code [IaC] to two of the microservices in Volusion’s ecommerce platform,” Lewis-Pinnell says. “IaC ensures that the same environment is reliably provisioned every time throughout the software development cycle, including test and production, allowing rapid deployment at scale with less risk.”
The four Kubernetes clusters that host the microservices orchestrate them. Lewis-Pinnell states that Volusion was able to create these clusters using the open-source IaC tool. “Volusion can now deploy Kubernetes clusters with a simplified, automated workflow, [ensuring] that each environment is built with a consistent, best-practice design,” she says.
Making sure the cloud drives real business results
The more complex a cloud strategy gets, the more difficult it might be to determine the return on investment from the various services in use, or whether there’s a return at all.
“Having the ability to define workloads and architect the right provider to perform specific requirements has been crucial, in my experience,” says Mike Clifton, executive vice president and chief information and digital officer at Alorica, a provider of customer service outsourcing.
“I recommend thinking of your company like a puzzle, with numerous pieces that connect together to add value for the customer,” Clifton says. In Alorica’s line of business, the company has different actions coming into its environment and going out to its client’s environment, be that authenticating, call tracking, or recording.
“For example, our ability to successfully integrate voice functionalities into a customer-facing environment in the right language, in the right time and in the right channel, is table stakes for achieving real-world business outcomes, whether that’s a positive product review, interest in a discount offer or even an upsell,” Clifton says.
Clifton states that brokering service level agreements with cloud service providers is the only way to succeed in complex cloud environments. These agreements outline a set of deliverables and provide a framework for success. “Once you have the scalable infrastructure in place, you can begin to piece together all workflows without major risk of disruption,” he says.