By Meg Ramsey
Moving to a cloud-first strategy is a worthy goal. According to Gartner, “If you have not developed a cloud-first strategy yet, you are likely falling behind your competitors.”
But before you jump right into it, you have to make sure you’re prepared for the journey ahead. There are several steps to take.
In an earlier post, I talked about the best cloud solutions and providers for your needs. Now, I’ll focus on gaining executive buy-in and establishing governance. Here’s how to get started.
What’s the difference between multi-cloud and hybrid cloud?
When discussing a multi-cloud strategy, the terms “multi-cloud” and “hybrid cloud” are often either grouped together or not explained accurately. To me, the two can be distinguished as such:
- Multi-cloud is not a technical philosophy, but rather a buying strategy to ensure you avoid the risk of vendor lock-in. The idea is to pick a cloud vendor that’s going to work for the majority of your use cases (usually 70-80%), but also build a relationship with a secondary cloud service. This breakdown gives you the best chance to learn the primary cloud service while also providing a secondary buying path should anything happen with your primary destination.
- Hybrid cloud is the ability to run all of your applications in various different infrastructures, especially where they’re integrated and working across public cloud, private cloud and your legacy infrastructure.
Understand that these two terms are not in conflict with one another; they go together quite seamlessly. The main point to remember as you’re determining your multi-cloud buying strategy is that you’re going to end up with a hybrid environment.
In order to pursue multi-cloud, you need to look at it from a “framework” standpoint. This is where gaining your executive and business leader buy-in comes into play.
The importance of business and executive team buy-in
Digital transformation will impact every single person in your organization. This image shows just some of the functions affected on this multi-year journey:
Let this serve as a reminder: You can’t do this alone. Creating peer relationships across the business is one of the most essential tasks. This is just as much a “people and process” change as it is a “technology” change. Because you’ll touch processes across all of your business functions, figure out the most efficient route and the best use of your developers’ time.
This means that going with commercial off-the-shelf (COTS) applications and changing your business processes to adhere to best practices is sometimes better than spending your developers’ time re-coding or re-configuring COTS applications where you’re not differentiated.
Constantly ask yourself what business value is driven by those customizations. Will they bring in more revenue, or is this a process you’ve had in place for years and no one knows why?
“Why” is going to be the most important question of all. Ask this question enough – usually five “whys” – and you’ll get to the root of any process.
Lastly, you’ll need your executive team’s support. This can be a costly program that impacts the business in a variety of ways. You need show them the potential ROI and the business efficiency you can drive by taking this on.
Establishing a cloud center of excellence
Once you’ve received executive buy-in, you should build a cloud center of excellence. Every business is different, but the following image shows the resources – and responsibilities – of those who should be included in the mix:
Again, this is a full company effort, not just an IT project. You’ll need to include business leaders from other teams so you understand their needs and so they understand what you’re trying to accomplish and how they can help ensure its success.
Ideally, this team will be responsible for the following:
- Establishing policies
- Helping with vendor selection
- Determining workload and application placement
- Developing a governance structure for using the cloud
- Creating a knowledge base for the rest of the company
- Maintaining a consistent code repository
- Building a cloud-first community
The move to cloud-first is a major culture change for any legacy organization. Your cloud center of excellence team should embrace this and be prepared to lead this change across the rest of the company.
Create governance and compliance requirements
Strong governance is critical when moving from an on-premises environment to the cloud – especially if it’s a multi-cloud environment. Also, set yourself up for success by embracing the DevOps practice of a loosely coupled architecture that is API-driven and automated using infrastructure as code. This allows for consistency and for IT to maintain compliance and operational excellence for the environment.
You’ll want to architect for least-privileged access, and your access policies must describe entitlements to cloud services. Implement group- and role-based policies instead of individual-based, and ensure consistent access to the same type of group across multiple applications. Lastly, in order to manage access policies in a multi-cloud scenario, you must use a federated identity architecture to share identities between cloud providers.
With such an architecture in place, policies can be enforced by leveraging the native cloud provider’s tooling. Most cloud providers allow for programmatic policy configuration, which should be automated as part of the access enablement.
How to establish a governance practice
The best way to establish a strong governance practice is to:
- Identify your governance team. This team should look similar to your cloud excellence team, except the business leaders are more informed participants, rather than active participants. Establish a shared responsibility among your application development team, your compliance and regulatory team, and your audit team.
- Create and define high-level governance principles and practices. Programmatically enforce them.
- Develop audit processes for compliance and performance. Maintain a continuous feedback loop to ensure you’re adhering to your audit requirements while delivering an efficient experience to your end user.
Once you’ve developed a cloud-first strategy, gained executive buy-in and established governance and compliance requirements, you’re ready to move on to identifying your full existing application landscape.
But we’ll save that for the next post.
In the meantime, to learn more, check out my full BrightTalk webinar on Creating a Multi-Cloud Buying Strategy.