Cloud adoption challenges represent critical barriers organisations must navigate when transitioning to public cloud environments. They encompass complex issues of operational expense control, security compliance, and change management. To solve them you’ll need strategic planning and innovative technological approaches.
Cloud Adoption Challenge 1: Operational Expense Control
Migrating from a mixed CAPEX and OPEX model to a pure OPEX model for your cloud infrastructure is appealing for many organisations looking to spread out their expenses over a selected period. However, the “pay only for what you use” model can still fail to bring predictability to your monthly bills. Even when it helps alleviate many of the capacity planning complexities,
We are not talking about the initial cost shock that some organisations face after migrating. Cloud providers offer extensive pricing calculators. These calculators allow customers (alone or with the help of their technology partners) to estimate the monthly bill quite accurately.
We are discussing how to overspend once you’re already operating in the cloud. With the providers making it almost effortless to provision new resources, not having guardrails on the types of resources and having cost show back or (even better) chargeback can leave you with a headache once your billing cycle ends.
And if, by that time, your teams managed to deploy some production resources there, reducing your costs might not be as simple.
Here are five recommendations to keep your expenses under control:
- When building the solutions for the public cloud, start building them to leverage the higher-efficiency cloud-native PaaS and SaaS services. Invest in the training of the engineers tasked with these activities.
- Employ the extensive governance policies natively available in the cloud provider. These include thresholds for cloud spend and policies to limit what resource types and SKUs can be used by different groups.
- Report the cloud expenditure to each department and individual team.
- Employ FinOps practices and cost-saving mechanisms. This could simply be detecting and stopping unused resources. Or more advanced infrastructure downscaling or complete automated environment rebuilds enabled by infrastructure-as-code.
- Apply the Cloud Adoption Frameworks from either of the big cloud providers. It is one of the best ways to follow a structured cloud adoption and modernisation approach without making the common pitfalls.
Cloud Adoption Challenge 2: Compliance and Security Governance
Regulatory compliance is a sensitive topic for organisations moving to the public cloud. This is true even if they simply move their workloads as they are (rehosting). The public cloud introduces new network components and different access management and moves your data to a multi-tenant pool of servers. This environment differs significantly from a controlled, private environment. Additionally, the public cloud has a public management plane, a component that was previously private or didn’t exist.
In the early days of public cloud adoption, data breaches and leaks were common. Headlines often read “Bank’s customers’ data exposed on cloud storage” or “Data leaked after company migrated to the public cloud.” These breaches and leaks were almost always caused by customer access misconfiguration. Cloud providers have since improved default permissions to be more restrictive. However, ensuring secure configuration remains the customer’s responsibility.
Cloud providers now offer tools to help customers track compliance with industry standards like CIS or NIST. Think of NIST 800-171 or 800-53. Previously, compliance with these policies focused on the workload level within an organisation’s data centres. Now, cloud providers have applied these policies to their IaaS and PaaS services, and the cloud management plane. This makes it easier for new cloud users to understand security compliance requirements and adapt their practices.
Challenge 3: Change management
Cloud technologies are enablers. They allow you to build huge solutions that millions of customers can use. Cloud technologies also allow you to destroy these solutions just as rapidly. In such an environment, it is important not to lose your change management processes. Adapt your processes in a way that brings value while not slowing down the pace of development.
The public cloud allows a high level of automation. Firstly, through declarative scripting (Infrastructure as code). Secondly through end-to-end automation of your software releases with GitOps and CI/CD pipelines. This rapid development is still sometimes seen as somewhat incompatible with traditional ITSM-based change management practices.
Change management practices can be adapted for frequent releases by defining automated guidelines for deployment, testing, and validation. These practices enable multiple daily releases while maintaining control through systematic processes for recording, reviewing, and implementing changes. The most critical changes to production environments can still involve manual gates. Still, the person responsible for the approval would have all the information on automated test results, making their decision well-informed.
Using a more modern introduction of changes like canary releases also helps minimise the risks.
Learn how to manage your cloud environment.
Read our latest ebook and learn how to manage your cloud environment effectively. Discover the 8 key considerations for successfully managing cloud environments.
