Getting Lost on the Journey to the Cloud

Photo by Samuel Zeller on Unsplash

Nearly every future-thinking business these days is making the migration to the cloud. Gartner predicts the global market for cloud services will grow to $330 billion by 2020, up from $180 billion just one year ago. Despite the prevailing narrative, getting to the cloud is difficult. You don’t charter a private jet and soar straight to the clouds in a climate-controlled cabin. It’s more like a harsh climb up Mt. Everest. You need to plan carefully, pack the right equipment, and, ideally, assemble an experienced and effective cross-functional team to lend their navigational expertise. There’s danger in the cloud for those who are ill-prepared.

Like any grand adventure, the first question you should ask is: “Why are we doing this?”

Every company has common and unique workloads, and every cloud has common concepts with unique quirks. (But more on that another time). For many companies, the destination is a multi-cloud world, which adds complexity. For others, simpler solutions will work. Determining your company’s “why” will help you choose your path.

There are a lot of presumptions when it comes to cloud migration. Three of them are particularly pernicious. If your “why” starts with any of these, it’s time to take a step back and reevaluate:

Presumption 1: The cloud is cheap.

At first glance, the pay-as-you-go model of cloud computing is appealing and easy to understand. You use compute power, you pay. If you don’t, you don’t. For most companies, though, it’s much more complex, and hidden costs lurk at every corner.

Two things lead companies into the cost quagmire: under-planning and moving too fast. The on-premise mindset and unfamiliar cost structures of the cloud make planning difficult for many and leave people spending very inefficiently. The line between underprovisioning, not spinning enough services to be effective, and overprovisioning, buying extra capacity just in case you need it, is difficult to find. Many implementations rarely think through how much their utilization will change over the course of the coming months and err on the side of buying more now versus worrying later. Free trials or promotional costs often go unnoticed when they expire, which can have an immediate spike in costs as well.

Too often company leadership — in the C suite or boardroom or both — wants to move quickly to the cloud, leading to hastily signed contracts and a poorly executed migration that costs the company time and money. They compound problems by failing to put the right resources behind the transition or keep an eye on transactional costs. The complex, opaque pricing models that are typical in the industry spell trouble for unprepared companies rushing to the cloud.

Presumption 2: The cloud is easy to secure.

Despite the prevailing narrative, cloud security is still very much early-stage. Businesses try (and fail) to take their on-premise security products and retrofit them to their cloud environment. For the past decade, security providers focused on securing the perimeter. The move to the cloud tosses out the traditional security playbook IT departments were accustomed to — and with that goes a lot of on-premise security products and methodologies they know and trust.

Cloud security requires an entirely new approach. Cloud providers now bake in many native security features, if you know where to look. This is a positive move towards IT and security working closer together. But, the cloud carries its own set of challenges, including: authentication, application security, and importantly, employee education. Cloud services are becoming widely accessible to employees for fast, parallel use across teams, often without any green light from the IT department. To maximize speed, data is then spread ad-hoc throughout various cloud services, with little oversight or forethought. This proliferation of where the companies information and data are stored increases attack opportunities and underscores the importance of having visibility of events happening across the network and cloud. You can’t protect what you can’t see.

Presumption 3: The cloud guarantees better availability.

Instantly scalable and indefinitely reliable. Sounds great, right? Unfortunately, underneath the veneer of simplicity exists significant complexity hidden from view. Like building blocks, some high-level cloud services are built upon lower-level services. However, most cloud vendors do not transparently explain these dependencies. For example, let’s say your workloads exclusively use Amazon Elastic Kubernetes Service (EKS). Your infrastructure team monitors for EKS service outages. Then, an AWS Simple Queuing Service (SQS) outage happens in your region. Because your team doesn’t use SQS, they ignore this outage — until EKS starts failing unexpectedly. This can happen if EKS (hypothetically) uses SQS internally to function.

While rare, cloud outages and downtime still happen. But, so far, cloud providers have the privileged position to disclose disruptions as they see fit: typically at a very high level with the least amount of data. This makes it difficult to draw meaningful analysis on subsequent availability and reliability to workloads. Why aren’t these disclosures more transparent?

Outside of issues you can’t control, the bottom line in availability comes down to how your engineers — the architects of this new data world you’re building — design your clouds. Cloud engineering should be about more than launching a virtual machine or container. Companies should be purposeful about the services they use, on what clouds they choose, and why they use them. Overprovisioning as previously stated is one of the cloud’s major performance pain points; this alone could eat up the cost benefits of a cloud migration. Engineers often feel they must show, beyond a doubt, the journey to the cloud was worth it and that the cloud is delivering the performance they guaranteed. As a result, they overprovision and overpay “just in case.”

Figuring out your Why

The move to the cloud should be about more than simply saving money, outsourcing security, or incremental performance gains. A well planned, strategic shift to the cloud can open up new value channels for your organization and the customers you serve.

Don’t move to the cloud for the sake of shuffling around workloads. Rather, go into it with a plan to transform how the organization operates holistically under a new cloud model. Go into it with a plan to give your customers a better experience. Get your business to operate more efficiently. Be specific: Identify and prioritize areas of greatest value.

What I’m seeing from the smartest organizations is they are using the cloud at first to develop and create new applications, in order to get some quick wins. They are also simultaneously slowly and methodically migrating their legacy applications to the cloud. The cloud opens up realms of flexibility that the on-premise world does not. However, for the next 10 years, we will be in a hybrid world. More on that in a few weeks.

Thoughts on the changing landscape of security/IT/cloud, creating startups and thinking differently. CEO/Co-Founder Insight Engines: