By Meg Ramsey
Moving to a cloud-first strategy is a worthy goal. According to Gartner, “If you have not developed a cloud-first strategy yet, you are likely falling behind your competitors.”
But before you jump right into it, you have to make sure you’re prepared for the journey ahead. There are several steps to take.
In an earlier post, I talked about the best cloud solutions and providers for your needs. Now, I’ll focus on gaining executive buy-in and establishing governance. Here’s how to get started.
When discussing a multi-cloud strategy, the terms “multi-cloud” and “hybrid cloud” are often either grouped together or not explained accurately. To me, the two can be distinguished as such:
Understand that these two terms are not in conflict with one another; they go together quite seamlessly. The main point to remember as you’re determining your multi-cloud buying strategy is that you’re going to end up with a hybrid environment.
In order to pursue multi-cloud, you need to look at it from a “framework” standpoint. This is where gaining your executive and business leader buy-in comes into play.
Digital transformation will impact every single person in your organization. This image shows just some of the functions affected on this multi-year journey:
Let this serve as a reminder: You can’t do this alone. Creating peer relationships across the business is one of the most essential tasks. This is just as much a “people and process” change as it is a “technology” change. Because you’ll touch processes across all of your business functions, figure out the most efficient route and the best use of your developers’ time.
This means that going with commercial off-the-shelf (COTS) applications and changing your business processes to adhere to best practices is sometimes better than spending your developers’ time re-coding or re-configuring COTS applications where you’re not differentiated.
Constantly ask yourself what business value is driven by those customizations. Will they bring in more revenue, or is this a process you’ve had in place for years and no one knows why?
“Why” is going to be the most important question of all. Ask this question enough – usually five “whys” – and you’ll get to the root of any process.
Lastly, you’ll need your executive team’s support. This can be a costly program that impacts the business in a variety of ways. You need show them the potential ROI and the business efficiency you can drive by taking this on.
Once you’ve received executive buy-in, you should build a cloud center of excellence. Every business is different, but the following image shows the resources – and responsibilities – of those who should be included in the mix:
Again, this is a full company effort, not just an IT project. You’ll need to include business leaders from other teams so you understand their needs and so they understand what you’re trying to accomplish and how they can help ensure its success.
Ideally, this team will be responsible for the following:
The move to cloud-first is a major culture change for any legacy organization. Your cloud center of excellence team should embrace this and be prepared to lead this change across the rest of the company.
Strong governance is critical when moving from an on-premises environment to the cloud – especially if it’s a multi-cloud environment. Also, set yourself up for success by embracing the DevOps practice of a loosely coupled architecture that is API-driven and automated using infrastructure as code. This allows for consistency and for IT to maintain compliance and operational excellence for the environment.
You’ll want to architect for least-privileged access, and your access policies must describe entitlements to cloud services. Implement group- and role-based policies instead of individual-based, and ensure consistent access to the same type of group across multiple applications. Lastly, in order to manage access policies in a multi-cloud scenario, you must use a federated identity architecture to share identities between cloud providers.
With such an architecture in place, policies can be enforced by leveraging the native cloud provider’s tooling. Most cloud providers allow for programmatic policy configuration, which should be automated as part of the access enablement.
The best way to establish a strong governance practice is to:
Once you’ve developed a cloud-first strategy, gained executive buy-in and established governance and compliance requirements, you’re ready to move on to identifying your full existing application landscape.
But we’ll save that for the next post.
In the meantime, to learn more, check out my full BrightTalk webinar on Creating a Multi-Cloud Buying Strategy.