Your cloud strategy is more complicated than you thought
Sometimes you have several conversations in a single day that stops you in your tracks and brings clarity. The two conversations I had the other day were with a Chief Information Security Officer (CISO) and a CTO of two large companies. While we discussed many of the important initiatives that their companies are planning, the discussion came around to the cloud – as it almost always does.
Both IT leaders mentioned that their companies were in the midst of planning their long-term cloud strategies. Some common threads emerged: cloud computing is the foundation for the future however moving to the cloud is not simple. Both IT leaders agreed on a key truth: despite moving workloads to the cloud, your company still owns the responsibility for whatever might happen. If you application goes down or if your data is lost – it is still your responsibility.
Moving workloads to the public cloud
But the commonality ended there. Let’s start with the CISO I spoke with. The data center is almost at capacity and the decision was made to begin to move workloads and applications from the data center into the public cloud.
As a starting point, the company moved three relatively small applications from the data center into a well-known public cloud. If the initial move is successful, the company plans to move more than 100 applications to the public cloud within the next 12 months. The CISO made an interesting comment that stayed with me, “Everyone here thinks that once we move all of these applications to the cloud they don’t have to worry about the management of those applications or the infrastructure.” He feels that the company’s management team doesn’t understand that they are still responsible for the integrity and governance of their applications and the security of the infrastructure.
The cost consideration
This CISO’s other major concern is that the company is not looking paying close attention to the mounting costs for public cloud services. In fact, his wake up call was that while the company had budgeted $5 million to migrate and manage the first three applications, the actual costs was closer to $25 million. The cost overruns were due to the size of the applications, the amount of data associates with the applications, the complexity of the environments and the additional services required. These services included security, backup, mirrored disks and data management services.
Picking a multi-cloud strategy
My second conversation was with a CTO of another relatively large company. Like the first company, cloud is a fundamental part of the company’s strategy. However, this company is taking a different approach to the migration to the cloud. The company has put in place a multi-cloud strategy. “Eventually it will be possible to move completely to the public cloud but not for quite a while,” the CTO told me. Right now the company intends to maintain its data center for core enterprise applications. At the same time the company has built its own private cloud with open source infrastructure elements such as Kubernetes and Docker. In addition, the company uses two public cloud services that are used primarily when there is a need to rapidly scale workloads. In other words, the public clouds are used for bursting when capability to reached in the private cloud.
Picking the right platform for the right workload
The multi-cloud approach is working well because it keeps costs under control and enables the company to more easily move workloads between cloud providers. The benefits of using public clouds are clear to this CTO. The public cloud provides a level of flexibility, speed and time to market that is not available in the private cloud at this time. For large, complex workloads that require a high level of security and governance, the private cloud is the answer.
The bottom line: the cloud world is a matter of tradeoffs
It is human nature to want to have a simple answer that removes the complexity. Unfortunately, in life and in cloud computing, things are complicated. Both of these IT leaders are focused on the same issues: streaming IT based on financial considerations, flexibility, scale, and security.
It is my view that we cannot simply make a quick selection without considering what might change in the future. There are consequences to every choice that organizations make. The best answer is always to be prepared for change – and sometimes be prepared for the worse.