The shift to cloud-based infrastructures and services isn’t an easy one. Sure, there are plenty of opportunities: lower costs, increased agility and the freedom to refocus your IT staff on your core business. However, with every opportunity comes a corresponding risk, including but not limited to security challenges, downtime and a loss of IT control.
It’s no wonder that CIOs and IT managers continue to hem and haw like Hamlet when asked about the cloud. One day, they’ll tell you they’re aggressive about the cloud, before backing off the next day and stressing the need for caution.
A recent cloud survey by Dimensional Research (commissioned by Host Analytics) found that CIOs and IT executives express a mixture of optimism and concern about cloud computing.
“Businesses are investing heavily in cloud computing today,” said Diane Hagglund, senior research analyst for Dimensional Research and the study’s author. "Our research reveals high optimism and expectations among CIOs and IT executives for cloud adoption and value, but also hurdles, including the anticipation that IT will end up operating cloud applications bought by other areas of the business and without input from IT.”
While 92 percent of respondents believe the adoption of cloud technologies is good for business, nearly as many (88 percent) report struggling to make SaaS business applications work properly. A full 67 percent believe that cloud technologies will help IT deliver better systems for less money, but 69 percent say their companies still work primarily with on-premise applications.
No matter how cautious IT wants to be about cloud adoption, the decision of whether to embrace the cloud is often out of their hands. If the business side of the organization decides the cloud is a silver bullet that will cut costs and increase value, it won’t be long before cloud migration is mandated.
Secret 1: Start the migration with developers and IT, and use them as migration models.
One of the main advantages of moving to the cloud is that IT can transition from a role that mostly consists of putting out fires and conducting laborious maintenance to one that allows them to refocus on their organizations’ core business goals.
It’s hard to innovate around business objectives when you’re busy configuring routers, applying patches, resetting passwords and administering complex CRM, ERP and SFA applications. However, it can be equally hard to overcome the worries about cloud computing that come from other departments. HR may worry about privacy issues, while the COO may (rightly) fret over things like IP theft.
With any major technological shift, it’s wise to start small and build slowly but surely on early gains. The fact is that in many organizations, developers are already using cloud platforms, but they’re not bothering to tell the larger organization about this.
And the cloud has seeped into the enterprise in other ways, as well. Are you using Salesforce.com, Google Apps, SharePoint Online or Marketo? Are you using Dropbox or Box to help you work when away from the office? If so, you’re already embracing the cloud.
What IT needs to do in order to smooth the migration to the cloud is make users aware of these facts.
IT should pick a few applications that have high administrative burdens and move them into the cloud, one at a time. Then, IT can serve as a proof of concept, which will help convince the rest of the organization that the shift to the cloud is in its best interest.
Secret 2: Use the migration as an opportunity to enhance the value of IT.
IT may not always have a rosy cloud outlook. Many IT pros will worry about job security during a shift to the cloud. Meanwhile, certain departments may worry that they’ll cede control in the shift.
There’s no question that IT’s role within the organization will change, and some specialties may disappear.
AlertBoot, a data encryption vendor, moved its entire business into the cloud. “We used to have EMC and Cisco contractors we used on a part-time basis, but since we moved operations to the cloud, we haven’t needed their services,” CEO Tim Maliyil said. AlertBoot ended up saving $100,000 per year in consulting costs, and overall saves $85,000 a month from shifting to the cloud.
However, Maliyil believe that IT resources are now spent more strategically. IT can focus solely on innovation and better serving customers.
Kevin Bocek, VP of marketing for CipherCloud, believes that the shift to the cloud is an opportunity that should be embraced by IT.
“Cloud computing gives IT the opportunity to move from boiler room to captain’s chair,” Bocek said. IT’s role will definitely change. IT pros will need more general business skills in coming years, and far better communications skills.
In fact, the nature of IT has already changed dramatically. “Ten years ago, CIOs started out as application developers,” Bocek said. “Today, it’s more common for them to get their starts as business analysts.”
IT can either see cloud as threat to their job security, or they can see it as an opportunity to elevate themselves into more valuable roles.
Secret 3: Develop a rock-solid plan for data ownership and protection.
As the recent LinkedIn breach makes all too apparent, cloud data is a juicy target for hackers. It’s one thing to target a mid-sized company that may or may not be worth an attacker’s time; it’s quite another to target a cloud provider that is storing data for hundreds or thousands of organizations.
“The most important considerations going into any cloud engagement are figuring out who can access data, how that data will be protected, and how the provider will prove the data has been protected through regular auditing,” Bocek said.
One CipherCloud customer turned to them in order to tackle those very concerns. After an acquisition, a major U.S. bank (which prefers to remain anonymous) became one of the nation’s biggest mortgage and loan servicers. They gradually began the complex process of integrating people, processes and technologies between two Fortune 500 firms.
Rather than developing a custom on-premise consumer loan portal, the bank started exploring public cloud platforms to improve time-to-market and lower costs. The Salesforce.com Customer Portal seemed to meet all their business needs; however, it did not meet the bank’s security standards.
The bank faced two main concerns. First, sensitive documents uploaded by loan applicants, including W2s, pay stubs and financial statements, needed to be stored in encrypted databases. Second, any data uploaded by “un-trusted” parties (including loan applicants) needed to be scanned for malware. Unfortunately, the legacy malware solutions deployed at the bank were not capable of scanning documents in the cloud.
The bank eventually deployed CipherCloud’s data protection gateway to encrypt and protect data and ward off malware.
Other factors that must be addressed include strong authentication, fraud detection and data-loss prevention. Fortunately, as the cloud evolves, these types of advanced protections are becoming services that can be easily added to public clouds. Sometimes, they can even be consumed as add-ons.
Secret 4: Figure out how to improve uptime and performance.
Most of us have felt the frustration of a slow Web site, or one that constantly crashes. When you’re making purchases or conducting important business, this could lead you to ditch that site in favor of a more reliable competitor.
It’s not a simple problem to solve, though. Web pages are more complex these days. End users favor multiple browsers, and users could be coming to the site from mobile devices.
The adoption of cloud computing adds to that problem. Sometimes this means lost dollars as consumers go to a faster site to make purchases. Other times, this could mean completely losing a customer to a competitor.
However, moving to the cloud is an opportunity to improve the end-user experience. In your own on-premise data center, if there is a regional outage, you’re probably offline. In the cloud, if you have proper zone or regional failovers in place (and can also you use the cloud to failover from your on-premise infrastructure), the risks of outages and downtime can be minimized.
When AlertBoot moved its business to the cloud, it was worried about application latency and the potential for downtime, both of which could be disastrous. To address this problem, AlertBoot deployed Riverbed’sStingray 9.0, a virtual application delivery controller. Since Stingray is software based, it gives AlertBoot the flexibility to jump between clouds should they need to do so in the event of a failure. The device also integrates web content optimization, which helps accelerate content delivery to improve the end-user experience.
“If you can avoid downtime, deliver content quickly to end users anywhere in the world and achieve application portability, the move to the cloud more than justifies itself,” Maliyil said. “However, to achieve those goals, you almost need to rethink, from the ground up, what your infrastructure will look like. The cloud offers the opportunity to correct all the infrastructure mistakes and compromises you made in the past.”
Secret 5: Avoid vendor lock before you start the migration.
It’s important to realize that you will most likely not rely on a single cloud provider. Rather, you will eventually use many clouds. You may develop your own private cloud services for internal users, while relying on a public cloud provider for app development and various customer-facing services. Meanwhile, more and more of the enterprise applications you depend on will stop being delivered as on-premise, server-based solutions, but will instead be delivered as SaaS.
Remember those bad old days of vendor lock? You were a Cisco, Juniper or Alcatel shop, and you were pretty much stuck with your original choice for the foreseeable future. Well, plenty of cloud providers are looking to reignite an era of vendor lock.
Thus, it’s important to knowbefore engaging with a cloud provider how you will get your data out of their cloud should you need to move to another provider, or even reuse the data in some other app.
The Google-backed startup CliQr Technologies, which just emerged from stealth mode this week, hopes to solve this problem. "Many businesses have found [the promises of cloud providers] too good to be true,” said Gaurav Manglik, CEO of CliQr Technologies. “Migrating their existing applications has been costly and complex, often involving cloud-specific re-coding, virtualization and, once on the cloud, sub-optimal performance.”
Manglik claims that CliQr's CloudCenter changes all of that. CloudCenter ports applications to the cloud and then monitors them for performance and security. It includes an abstraction layer that lets businesses avoid the trouble of recoding apps for each and every new deployment. CliQr claims that most apps can be migrated to the cloud (or shifted to a different cloud) in under a day.
Bonus cloud migration secret: Take the time and devote the resources to getting your cloud migration right. Moving to the cloud confers all sorts of advantages, but one false step can erase them. It’s doubly important to get your cloud migration right – and do so now – because in the not so distant future you’ll have a roadmap for when you have to do this all over again for mobile.