Public cloud offers speed, new technologies, visibility, faster time to market and scalability, all essential in developing digital solutions more effectively. However, you need to prepare in order to successfully adopt it. Otherwise, you could face issues such as security breaches or cost-increases. Here are my tips and best practices for adopting and managing public cloud.
As the popularity of public clouds such as Azure, Amazon AWS and Google Cloud grows, organisations have started to realise that the traditional service management models and practices no longer work. The speed and ever-changing nature of cloud services require efficient management practices.
By taking the following steps, you will be able to adopt public cloud smoothly:
1. Define a cloud strategy
Start your cloud adoption by defining a cloud strategy. A good cloud strategy contains motivations for adopting cloud services, main choices for e.g. technology, migration and restrictions, and desired business outcomes with clear targets. The alignment with organisation’s business strategy guides you through cloud adoption.
In case you are already in the cloud but do not have a cloud strategy, do not worry. A cloud strategy can be formulated at any stage of your journey. It should also be reviewed regularly and revised along with the new requirements.
2. Plan the sourcing of your cloud solution
Your cloud strategy should give you an understanding of whether you should choose a one cloud or multi-cloud approach. In general, the multi-cloud model provides more variety of services but is more complex to manage than a one cloud approach.
Moving into the cloud also means you will need cloud-related services such as cloud brokerage, platform management, event monitoring, incident management and migration services. You will need to plan which ones your IT organisation can provide, and which need to be sourced outside.
If your organisation acts as a cloud service provider, you need to ensure that you have required competences in-house. On the other hand, efficient vendor management is essential should you decide to outsource. You also need to contractually ensure access to your cloud platform resources. Public cloud enables visibility under the hood, and I strongly recommend you take advantage of this.
3. Understand security risks and plan accordingly
Cloud platforms provide modern, centralised tools to implement security policies and identity and access management in the platform with minimum manual effort. Even so, security is still a main concern in cloud adoption for many organisations. It is very important to understand the security risks and plan actions accordingly. You must have clear guidelines for cloud utilisation to ensure security and compliance. These are the key areas of cloud security management:
- Data restrictions: By classifying your data you can define what data can be moved to the cloud – and what cannot.
- Identity and access management: Enforce identity and access policies and apply role definitions (RBAC) in your cloud. Ensure visibility.
- Security policy management: Implement practices to ensure your security policies are implemented and kept up to date.
- Security assurance: Audit your vendors for compliance and security, monitor your cloud security and implement a security incident management process.
- Early collaboration: The earlier the collaboration between Business, IT and Security is initiated the easier it is to consider security aspects in all phases of cloud adoption.
- Balance between agility and control: Implement automated, proactive controls in your cloud to keep your environment secure yet productive.
4. Avoid increasing costs with clear cost governance
Cloud cost management is another major concern for organisations in cloud adoption. The dynamic nature and complex pricing of cloud services poses a risk for cost increases. This can be avoided with clear cost governance, which is responsible for visualising cloud costs to stakeholders and optimising the cloud resources to eliminate waste and inefficiencies. This requires good collaboration between IT, Finance and Business and a tool to support visibility and decision making.
5. Adjust SIAM practices to suit the speed and agility of public cloud
Service management and integration (SIAM) defines how to manage services in a multi-vendor environment. SIAM is responsible e.g. for service catalogue, seamless integration of services and managing incidents and changes. The SIAM practices are still needed even when moving to public cloud, but they need to be adjusted to support the speed and agility of the public cloud.
You need to decide how cloud services are provided to developers considering the speed and ever-changing nature of public cloud, for example. Also, support models should be adapted to a rapid change of services and a DevOps way of working. A feasible use case is to give developers access to public cloud resources with automated controls implemented in the background. This requires clear guidelines and continuous maintenance of the cloud platform.
A faster, more controlled path to adopting public cloud
The best practices I described above define a Public Cloud Management Model for organisations, which is a good start. In addition, it is essential to implement these practices as a way of working and continuously manage and operate the cloud environment according to the guidelines.
A good way to do this is to establish a Cloud Management Office. They are a team of cloud experts who specialise in maintaining a consistent, cost efficient, and secure cloud platform by tracking the cloud usage against the defined metrics and continuously improving the performance. It is essential that this team has the ability to make decision on optimisation and can identify future opportunities by reviewing new cloud technologies in addition to having technological know-how.
With the Public Cloud Management Model and Cloud Management Office you can ensure you have control of your public cloud and accelerate the cloud adoption in your organisation.
To summarise, there are 3 basic principles to succeed in public cloud governance:
- Make public cloud available in your organisation, ensuring the speed and agility.
- Track the usage of your public cloud, its total costs, security and right sizing.
- Build efficient support and service integration model for good user experience and productivity.
Curious to learn more on how to adopt and manage business technologies smoothly?
Minna Joensuu is experienced public cloud governance and management specialist and public cloud management concept owner at Sofigate. Her long experience as service director gives her great insight on how to tackle the challenges related to productivity, smooth integration of services and customer experience.