With soaring temperatures nearly touching 40 degrees Celsius in the UK, it’s made us think what does cloud adoption and swimming on a hot summer’s day have in common?
Although the cloud adoption in the UK is outpacing the European average, local businesses of all sizes should never dive into either without first assessing the risks. With almost all technologies which have been developed and deployed, cloud comes with a ‘buyer beware’ label. Each cloud deployment should be configured to the appropriate needs and outcomes of a business. This means knowing what potential hazards lurk below the surface and how they could impact your dive or your application deployment.
Like a cool body of water on a hot day, cloud computing looks like a refreshing change of pace, but the potential risks underneath the surface include:
- Unexpected expenses: Not understanding the known unknowns of cloud spending can really hurt businesses as it holds up valuable financial and human resources which can be used in other areas such as AI experimentation or IoT implementation. Cloud platforms make it really easy to deploy and spin up new resources, but this can lead to shadow IT issues, overprovisioning, and wasted spend. Data from ParkMyCloud shows that between idle resources and overprovisioning, wasted cloud spend will exceed $1.4 billion (£1.12 billion) in 2019.
- Security and governance issues: Even though you’ve outsourced the infrastructure, you’re still on the hook for security. Billions of records were exposed in 2018 due to improper cloud configuration. Simple things like accidently setting an AWS S3 bucket to public instead of private can leave sensitive data exposed to the masses. A CyberSecurity Insiders survey reports that 93 percent of enterprises are worried about public cloud security – not sure why the other 7 percent aren’t worried! With regulators across the globe heavily penalising those organisations which fall foul of data protection laws such as GDPR and CCPA, no one can leave data governance in the corner.
- Performance issues, particularly for applications that span multiple platforms: If you’re moving an existing application to the cloud, its dependencies on cloud databases and third-party services may be impacted in unexpected ways, leading to slow down and poor performance. Again, you outsourced the infrastructure, but you’re still on the hook for performance.
In a recent IDC survey, 80 percent of respondents reported pulling back workloads from public cloud environments because of such issues. Without proper planning, the process of moving to the cloud is not easy and can result in limited success. Does this mean you should abandon your cloud plans? No, but you should follow a cloud-smart approach to ensure your cloud adoption goes smoothly and efficiently, from selection to deployment.
A cloud-smart strategy includes:
- Defining business goals for cloud migration. Maybe costs do end up being higher, but if you’re gaining speed to market and greater flexibility, those goals might outweigh the cost increase. Don’t go to the cloud because you think everyone else is doing it. Successful cloud deployments must define businesses goals from the start.
- Determine which workloads move and to what cloud. Not all clouds are created equal or cost the same to operate. There are tools available that can help you compare the cost of running your current workloads on AWS vs Azure vs private cloud. More often than not businesses are adopting a multi-cloud approach as they pair the workload to the cloud environment which would work best. Modeling the potential costs in advance has huge advantages as you have visibility on what you need to spend and able to mitigate spikes in data traffic caused by an event such as Cyber Monday in retail.
- Balance the need for access. Cloud services can make it easy to build and deploy new services, but there is a delicate balance between operational needs and access. If the cloud service takes longer to provision than the system it replaced, that’s a lost benefit.
- Governance and security are still important. Yes, cloud providers help with security by keeping underlying systems secure, but it’s still your organization’s responsibility to ensure proper configurations and governance. A missed security configuration could result in a data breach or a violation of regulations, either of which could be very costly to the business.
It’s also important to remember that being cloud-smart means you don’t set up your cloud configuration and forget it. You need consistent, proactive monitoring across your cloud services to meet business and customer demands without worrying about incurring unknown costs or leaving data exposed to malicious attackers. This is where automation can help to reduce the hours IT staff are putting in to monitor your cloud services and freeing staff to develop and create new, revenue-generating services.
Like a cool plunge in this hot summer, your cloud experience can be refreshing if you take a few precautions in advance and continually assess potential risks.
Paul Cant is the Vice President EMEA at BMC Software.