Kong Yang is Head Geek for SolarWinds
It’s been said before and it’ll be said again: The cloud is here to stay, but it’s not for every workload. The results of a recent SolarWinds survey of IT professionals showthat integrating cloud services is easier said than done, with security concerns, the need to support legacy systems, and budget limitations creating significant adoption challenges for many organizations.
Businesses of all sizes have something to gain from implementing a hybrid IT strategy, whether it’s greater agility or simply the relief of shifting a workload or application to the cloud where it can be managed by a team of experts—it’s just a matter of how. On that note, here are the top three barriers to cloud adoption and what to do about them.
Barrier 1: Security and Compliance Concerns
When it comes to the cloud, it’s probably no surprise that security and compliance concerns are considered the number one barrier to adoption. The biggest challenge is overcoming the persistent perception that the cloud is inherently less secure than data that is housed on-premises. The numbers consistently show that public cloud environments are actually safer than physical locations, with a majority of attacks originating inside the organization. Common internal attacks can stem from an employee falling victim to a phishing scheme that introduces malware on the network, DDoS attacks, or even accidental end user errors that stem from an inadequate understanding of potential security threats.
This is not to say that security and compliance concerns shouldn’t be key priorities. Many of the larger providers already implement compliance programs for some of the most stringent policies, including HIPAA, PCI DSS, FEDRAMP, SOX and many others. Every time a provider adds a new service or feature, those compliance certifications must be re-upped to ensure they meet the requirements of clients and specific SLA contracts. How many IT organizations have that level of compliance across the board for on-premises infrastructure?
Half the battle is having an awareness of any potential security threats and ensuring counter measures are in place. You must do due diligence in terms of understanding what is covered with respect to security and compliance for each platform. By having a fundamental understanding of the provider’s approach to securing your data, you can create a solid “handshake” between the data stored on-premises and data hosted in the cloud.
A great place to start is by leveraging the NIST cybersecurity framework that encourages IT professionals to develop a framework—based on existing standards, guidelines and practices—for reducing cyber risks to critical infrastructure. In the hybrid IT era, processes like encryption in flight, encryption at rest, VPN tunnels, monitored user access and accountability are critical to ensuring data remains secure when it’s traveling from your server closet to the cloud and back again.
Barrier 2: Support for Legacy Systems
One of the most intimidating aspects of cloud adoption is the chaos it may introduce into your data center. The cloud is by no means a plug-and-play solution, but, in fact, requires a very strategic and thoughtful approach to implementation. This is further complicated when organizations have legacy systems to maintain. So, how can you redesign your data center to accommodate technologies that best serve the business overall?
You must work together with management to lay out what IT support looks like over the next 3-5 years before deciding which legacy systems your organization should keep and migrate to the cloud or dispose of altogether. Ask, "What platforms will you be supporting? Where is the biggest area of growth? If you choose to migrate any legacy systems to the cloud, what is the monetary impact of that temporary downtime? Do you have the people in place to do a lift and shift or a build-out from the ground up?"
In many cases, the ability to quickly pivot and take advantage of new data center technology is hindered by a lack of skilled administrators to facilitate. You should begin cultivating critical, “next-generation” skill sets like hybrid IT management and monitoring, application migration, distributed architectures, automation and programming, vendor management and others in order to find success not only implementing a hybrid IT strategy, but also in today’s overall IT landscape.
Barrier 3: Budget Limitations
What organization isn’t asking its IT department to do more with less these days? When you consider that IT budgets are decreasing, a shift to the cloud may seem costly when your organization has likely already invested a significant amount of capital and operational expenses into not only your existing infrastructure, IT professionals to manage it. The benefit of hybrid IT is that when implemented strategically, it allows you to run leaner and get the most out of the cloud provider’s services, your existing infrastructure and your budget.
If cost is a significant concern for your organization, you should conduct a thorough review of not only pricing structures in cloud provider SLAs but also leverage monitoring and management tools to track workload allocation and usage metrics for existing on-premises hardware to identify any wasted resources. However, an equal focus should be placed on building administrator skill sets so your organization is able to maintain a hybrid environment once implemented.
For example, it’s possible that your IT department might not have the skills required to stand up and successfully operate a hybrid IT environment—perhaps, as a whole your team is familiar with Hyper-V and vSphere, but not Amazon Web Services, Microsoft Azure or the complexities of SLAs. This is a legitimate concern: Without the proper research and understanding of each cloud provider’s services, features and associated charges, your organization could be subject to a very large bill at the end of your first month.
At some point, organizations that have thus far been wary of hybrid IT and cloud adoption will need to re-invest in their IT departments to avoid becoming bogged down by “tech inertia,” a scenario in which IT innovation is hampered by perceived budget limitations or, as discussed earlier, attempts to preserve legacy systems because “that’s just the way it’s done.”
Your department should be prepared to make a case to the organization’s leadership team for hybrid IT so you’re able to get the required funding to train your teams and move all potential workloads into a test environment then monitor their performance closely. This will help you better understand potential limitations, opportunities for improvements to the end-user experience or cost-savings, etc., before undergoing an entire overhaul. During this process, you should look to cultivate key skills that will help bridge the gap between traditional on-premises management and the skills needed to architect, design and operate cloud services in the most strategic—and lean—way possible.
Although hybrid IT is the foreseeable future of IT—and the reality for most businesses in the near future if not already—getting it is not always an easy task. By conducting thorough due diligence with respect to cloud provider security and compliance certifications, and having conversations with management to discuss future growth plans and an eye on critical skill development, you and your organization can get off to a solid start working toward a cloudy or cloudier environment.
Industry Perspectives is a content channel at Data Center Knowledge highlighting thought leadership in the data center arena. See our guidelines and submission process for information on participating. View previously published Industry Perspectives in our Knowledge Library.