The challenge of managing the cloud in the enterprise [Q&A]
It's an increasingly rare business today that has all of its IT on its own premises. The cloud has led to many systems being moved off site and also contributed to the growth of shadow systems.
How can business manage these challenges and make sure that they're not putting their information at risk? We spoke to John Purrier, cloud visionary and CTO of business automation company Automic Software to find out.
BN: Is there an increasingly blurred boundary between private and public clouds?
JP: We are definitely seeing an accelerated convergence between traditional on-premises data centers and multi-tenant public clouds, giving rise as well to managed single tenant hosting and single tenant isolation on public cloud infrastructures. Private data centers are increasingly being managed and consumed through cloud and DevOps technologies, and the public clouds have made great strides in security, data protection, and the ability to isolate tenants from one another for both security and performance considerations. Over time, this convergence will provide greater choice to enterprise IT organizations in allowing them to place workloads and data where it makes most business sense rather than being forced by the technology architectures.
BN: We're seeing more and more analytics solutions aimed at systems management. Is this the future and can we expect more automation?
JP: This is one of the most exciting aspects of the digital transformation taking place. We are moving toward more dynamic and real-time analytic feedback into the automation processes controlling IT workflow and management. This allows the control systems to make decisions on workload placement, environment creation/destruction, data storage, network routing, etc. based on the actual state of the entire IT environment rather than following statically defined scripts. As we increasingly instrument our networks and environments, such as with the Internet of Things (IoT), we will increasingly use this real-time data to continually improve business efficiency through automation.
BN: What are the biggest challenges for companies considering a shift to the cloud?
JP: As enterprises look to make their own digital transformations there are a few critical questions to be answered:
1. Adopting cloud technologies and potentially moving applications and data outside of the corporate firewall is a technical challenge, but the larger challenge is cultural. The move to the cloud requires process and procedures that need to be made integral to the IT and company culture to be successful. The internal evangelism and adoption of cultural change is probably the biggest challenge.
2. A realistic inventory of existing systems and processes needs to be done, and decisions made as to whether current applications and data systems a) stay where they are and are maintained, b) moved to cloud architecture and frameworks, perhaps through PaaS or other application tooling, c) sunsetted and retired, or d) re-implemented as cloud-native applications. Orchestration automation is a valuable tool in making the existing systems continue to run seamlessly while investing development and operational resources toward the cloud-based systems.
3. In working with Enterprises on their application journey to the cloud common patterns for best practices have emerged. Taking significant, but non-business critical applications such as marketing sites, brochure sites, and short lived campaigns initially and running these as pilots gives teams a good feel for new cloud-based processes and tools. These pilots also allow for simultaneous deployment of DevOps tooling and processes. Through an iterative cycle of develop/deploy/retrospective-learning organizations find their own rhythm and cadence for cloud-based deployments.
After the pilot period then the processes can be scaled up to rapidly move more applications, moving from non-business critical to mission critical. At this point it is critical to have a solid DevOps and Operational automation strategy and implementation to ensure repeatable and reliable deployment pipeline processes.
4. Understand that cloud system management, orchestration, and automation tooling will increasingly allow multiple data centers and multiple cloud infrastructures to be part of an overall Enterprise IT solution. This will allow truly level playing fields amongst the providers, preventing lock-in and giving the Enterprises the governance, insight, and control they need to accelerate their business.
BN: What do IT managers need to look for in potential cloud providers?
JP: It is key that IT managers understand the network security, tenant isolation, and data security models of the cloud providers they are thinking of engaging with. Additionally, if applicable, CSP policies allowing data sovereignty and regulatory compliance should be explored. These are the big concerns many Enterprises have with going outside of their own firewalls. Next up would be performance and uptime SLA agreements, along with support policies and issue escalations.
BN: How should providers address legitimate concerns over the security of data and meeting compliance requirements?
JP: These are, and have been, the focus of cloud providers for several years. The fact is that CSP's at any kind of scale have more network engineers, security engineers, compliance experts, and operational personnel than most companies that run their own data centers. The providers should be able to walk through their policies, technology, and remediation systems in detail to any customer who wants assurance that the infrastructure meets their requirements.
There may always be some combination of requirements that make a company invest in their own data centers and operational teams. This is OK, not everything needs to be run outside the firewall. However, in order to make this truly viable the automation and orchestration systems that provide the governance and points of control to the business need to be architected to be multi-DC and multi-cloud capable.
BN: Do we need to see board level management getting more in touch with how their companies handle IT requirements?
JP: Senior management need to be a strong advocates toward the cultural, procedural, and technological shifts that the digital transformation of their business will require. In order to be competitive going forward all businesses need to accelerate their internal IT operations in order to bring more value to the business. The enterprise IT path forward will increasingly be collaborations between business requirements, development, and operational teams facilitated through automation, analytics, and distributed computing and cloud infrastructures.