Requirements of a Cloud-First Strategy?
The Cloud: What do you really need to think about prior to jumping in? The momentum for Cloud and 'Cloud First' thinking has been building for some time now, but not all are in a rush to embrace either. For example, in Canada, where I’m based, we’ve seen a much more wary and delayed approach to adoption. This attitude is primarily tied to data privacy and sovereignty rules in place, and a shortage of providers able to guarantee resilient localized copies of the data in their cloud. The concern of data in the cloud crossing borders is not just a Canadian one, but an issue faced by many global/multinational organizations. These organizations must adhere to myriad rules when faced with the possibility of data transitioning between nations.
The challenge to developing a comprehensive 'Cloud First' strategy is echoed in Joseph Ortiz’s recent commentary that “very large organizations may find that a whole migration may not be viable.” He goes on to cover a number of points on the matter that mirror my own thoughts. I have several 'keys to victory,' if you will, which are necessary requirements in order to build out a successful cloud-first strategy.
Data Sovereignty: I see this as an extension of the security discussion. One point of hesitation in the adoption of cloud for very large organizations with data outside of the U.S. has been the lack of local cloud data centers. I know firsthand that, for Canada, the recent opening of offerings from Microsoft - and soon from AWS - have those of us up north chomping at the bit as we see broader enterprise choices for cloud within the country. Similar concerns in EMEA and APJ are also being addressed as the cloud providers in the market continue to expand their geographical locations. This is a challenge that will be eliminated in the upcoming years.
Controlling Cost: For very large organizations, being able to rapidly scale up in the cloud is an incredible benefit to leveraging it, but unchecked it can exponentially scale up your costs as well. Being able to not just limit/restrict who can create what in the cloud, but also define the lifecycles of that data or virtual machine, is key here. If you can deliver the means for your clients to self serve but also expire those resources automatically when the job is done, then you have a very cohesive cloud strategy that is key to large organizations' successes in leveraging the cloud.
Proper Data Protection: Just because you made the move to the cloud does not mean that you can shirk your responsibilities as an IT organization. Does your provider offer similar coverage and SLAs to what you offered your clients within your own four walls? Recently I was involved in a discussion about a customer who negotiated, as part of a cloud-first business initiative, a service provider contract that inadvertently included no backup and no disaster recovery. It was an oversight the provider was looking to fix with their own approach that did not meet the existing SLAs the client had. We are in the process of working with the client to extend their current Commvault solution to include coverage of their new cloud solution, thus ensuring that 'Cloud First' did not also mean 'protection later.' Make sure that as you extend your infrastructure to the cloud, that you also extend your coverage. If there is a gap between your standard SLAs and those of your providers, then you need to fill that somehow. Can your existing IT solution extend just as easily to the cloud? If not, how can you?
In the end, understanding that cloud is not just a location or a 'thing,' but a transformative process, will help you to wrap your head around what you need to construct as a strategy for making use of this powerful tool. It is my hope that you look to Commvault to be a partner to help enable that change.