Nearly every business is in the cloud, but not every business is doing it right.
According to Flexera’s 2021 State of the Cloud Report, 92% of businesses have a multi-cloud strategy. Eighty percent of organizations employ a hybrid cloud strategy, utilizing some mixture of public and private clouds, while, on average, companies use roughly 2.6 public clouds and 2.7 private clouds.
Yet, for all the many business reasons companies choose the cloud, there remain common mistakes that many continue to make. In doing so, they open themselves up to countless business and reputational risks.
In this post, we’ll outline three common cloud mistakes and offer tips to help you avoid making them.
1. Not sizing bandwidth to meet business needs
Connectivity is key. If you choose the wrong connectivity, you will degrade the end user’s experience. This will ultimately undermine the quality of service you’re trying to offer.
Nothing ruins a cloud — or really any computing experience — like sluggish application and internet performance. When moving to the cloud, you must have a realistic understanding about the amount and quality of bandwidth your firm really needs.
Unfortunately, many organizations fail in this regard. Why? Because they don’t consider the network implications of data leaving the cloud.
Egress charges are the cost for data leaving the cloud provider. These will typically make up a large chunk of your cloud expenses. On average, data egress is charged at 10 cents per gigabyte. Moving 25 terabytes out of the cloud to your on-premises data center or another cloud provider could cost $2,500 in egress fees through the public internet (even via a virtual private network).
There are many examples of applications that may create data-egress costs. Restoring backups in the cloud to an on-premises location, hosting a website and delivering web content into someone's web browser, and consuming remote desktops hosted in the cloud are just a few. They all add up.
Network connectivity needs to be flexible. That way you can improve agility and respond faster to changing business conditions.
Work with a provider that can give you high-performance, low-latency connectivity that can be scaled up or down on demand. This will allow you to respond to workload fluctuations and changing business demands in real time, while also preventing bill shock.
2. Not planning for applications
Oftentimes, organizations view the cloud from a “server” perspective rather than from an “application” perspective. That can get you into trouble.
The term “cloud” remains nebulous, as cloud implementations include ever-changing technology offerings. This can make it difficult to discern how to optimize a cloud solution to meet your business needs.
The needs and goals of each organization and industry differ, making it impossible to adopt a one-size-fits-all cloud strategy, or even the same strategy for each workload within your organization.
When making a cloud-hosting decision, be sure you understand your workload attributes – performance, security, integration and data volume – and consider the cumulative impact of these on your workload-placement decisions. During the decision-making process, factor in the following:
- Business considerations. Top business problems that your organization is working to solve, and the main use cases you want to enable or enhance, including time to market, agility, and legal and regulatory
- Technical considerations. Attributes like performance, security, integration, data volume and workload elasticity
- Ecosystem considerations. Factors like software as a service maturity, cloud service provider offerings or the market accessibility of cloud expertise
- Other considerations. Consider existing applications and their cloud-readiness, application licensing, global data center operations, and organizational practices, like disaster recovery and business continuity
Some applications are better suited for public cloud, while others are better in private cloud. By focusing on application needs, rather than server needs, you’ll be able to make the best decisions for your business.
3. Not adapting to the cloud security landscape
When adopting cloud, organizations often implement new technology without fully understanding it and updating their security posture to match. This makes them susceptible to all sorts of risks.
Here are four common cloud security mistakes and how to solve them:
- Granting overly broad permissions. Rein in your permissions by adopting a least privilege access approach. That way access is limited to only those who need it to do their job. If someone does require broad permissions, make sure those accounts are locked down with multi-factor authentication.
- Storage misconfiguration. To limit the consequences of storage misconfigurations, employ encryption anywhere you can, including the encryption of your storage at rest. That way, if encrypted data is stolen, it will be unreadable by hackers.
- Inefficient application protection. Firewalls were once considered sufficient perimeter protection. Not anymore. A traditional firewall can be locked down to allow web traffic through only on a specific port. In many cases, that’s all a hacker needs to compromise your network. To properly protect your applications, implement effective patch management and web application firewalls (WAFs). Make sure you’re carrying out regular scans, maintaining visibility and automating your patching process. Using WAFs will also allow you to assess the nature of a person trying to access your network as well as the port the traffic comes in.
- Compliance issues. When moving to the cloud it’s important to know which countries your data will be processed in, what laws will apply, and what impact they will have. Then, follow a risk-based approach to comply with them. Enable compliance and application-level monitoring and assign an owner. That way you can easily track your organization’s compliance posture in the cloud, automate audit evidence collection, and catch misconfigurations that leave you vulnerable for non-compliance.
Increasing cloud adoption is on the horizon
The move to the cloud is accelerating – especially since COVID-19. Per a Centrify survey, 48% of businesses sped up their cloud adoption plans because of the pandemic.
But as more and more businesses turn their attention to the cloud, there’s a greater chance of falling victim to some of the most common cloud mistakes. By keeping these tactics in mind from the start, you’ll be better positioned to maximize the benefits of the cloud.
