Organisations are increasingly recognising the overall value of moving to the public cloud. Benefits include more agility, the ability to leverage innovations and the potential to get ahead of competitors. As a result of this new normal, there has been a surge in companies enabling a work from home environment.
IDC predicts that cloud spending will continue to increase: “Total infrastructure spending (including cloud) will increase by 5.3%, but all of this growth will come from enterprise spending on infrastructure as a service (IaaS) and cloud provider spending on servers.”
Despite the real benefits, adopting the public cloud is not without its challenges. Most organisations are faced with three main challenges once they make the jump: achieving significant cost savings, maintaining the control and security of their data, and fixing the lack of centralised governance.
The good news is that organisations can overcome these challenges if they have the tools and processes in place to keep up with the constant innovations in the public cloud market – and quickly changing needs of their business.
Managing cloud costs
According to research conducted by Gartner, “through 2020, 80% of organisations will overshoot their cloud IaaS budgets due to a lack of cost optimisation approaches.” It’s difficult for CIOs in this position to face the reality that getting control of public cloud consumption once their organisation has made the jump can seem almost impossible.
Many find it challenging to pin down everything that’s happening across the organisation, as cost is no longer a capital expenditure. The cloud is an ongoing operational expense that organisations need to optimise and adjust based on changing needs and demands continually. This is a huge shift in thinking compared to the management of on-premises infrastructure.
With many public cloud providers continually releasing new updates and enhancements, organisations that don’t consistently manage their instances could end up wasting money — the opposite of what cloud providers promised.
The first step in getting control of a business’s public cloud consumption is to understand precisely which employees have deployed cloud instances or applications and what they commonly use. A cloud management platform can help discover cloud resources and enforce the tagging strategy necessary to classify and properly manage the lifecycle and costs of those resources. Once IT teams have a foundation in place, the management platform can monitor, measure and optimise cloud assets without impacting the pace of development or impeding innovation.
Unlike with traditional on-premises environments that were mostly static, optimal management of cloud deployments is an ongoing process. Cloud providers are constantly introducing new offerings to the market. An optimal choice today may not be optimal tomorrow, so it’s imperative to continually and repeatedly monitor, measure and optimise cloud workloads. That’s where rightsizing comes into play, ensuring employees are using the appropriate amount of computing resources.
Non-production workloads should be powered off or downsized when not in use, allowing the engineering team to use public cloud resources when necessary, as opposed to running those resources 24/7 and letting costs get out of control. By continually monitoring and optimising how and when cloud workloads run, organisations can more successfully close the cost gap.
When moving to the public cloud, companies must evolve their security processes, as a locked-down data centre and perimeter firewall can no longer solely protect sensitive data. The easiest way to maintain control during this journey is to get the security team involved in the process from day one. Involve the team during the planning stage and throughout the application lifecycle instead of consulting them as an afterthought.
By involving security teams from the beginning, organisations can mitigate vulnerabilities and minimise the potential of cyberattacks, monitor every application deployed across the organisation and continually scan cloud environments. In doing so, IT teams are able to secure and control data in the public cloud.
Security in the public cloud is a shared responsibility. The information security team must collaborate with cloud providers and with the engineering and platform teams to ensure the enterprise has a strong security posture.
Absence of centralised governance
If there’s no centralised governance, it’s impossible to understand who owns public cloud resources, how to assign resource costs and know when they can be decommissioned. This also doesn’t mean that IT has to retain full control, especially in a time when business-led IT is a part of many organisations.
Traditionally, we’ve looked at chargebacks as more of a showback and shameback idea in which a value is allocated beside resources, hoping to change people’s behaviour. However, now that there are real costs associated with these resources, the public cloud is the compelling event for influencing business unit or group behaviour.
This is where traditional IT can join with security and business teams to provide centralised governance and reporting, effectively managing public cloud resources and making sure all usage is accounted for. IT teams should aim to create guardrails, not roadblocks, because employees will work around obstacles that prevent their work from being done.
Successful teams must utilise the public cloud in ways that meet organisation’s cost, security and compliance checkboxes. Working with, not against, business units across the organisation helps strengthen their relationships with IT and security so that both teams can play a vital role in the development and delivery of enhanced product capabilities.
Public cloud will continue to be a valuable and strategic business initiative over the next five years. However, we must remember that some organisations drive employees to adopt this model to foster innovation rather than save money. To achieve the many benefits the public cloud offers, organisations must have the right tools and processes in place from day one to achieve true agility.