There’s a great deal of chatter out there about the cloud computing models, differing views and speculation about winning technologies and drivers of cloud adoption, as well as the direction of the industry. Looking back at how far we’ve come over the last several years, we can all likely agree on the reasons to adopt a cloud strategy. But a recent Harvard study offers an interesting, and even somewhat surprising view into the current state of cloud adoption and associated risks.

The study found that organizations are embracing the cloud to meet strategic business demands, improve experiences for customers and internal users, and provide greater business agility and data capabilities. These needs supersede the traditional drivers of cost savings and ease of implementation. The report states that small businesses actually stand to benefit from the cloud more than enterprises.

Of those surveyed, enterprises are more likely to adopt a hybrid cloud model, followed by the private cloud. And just 10% or more are mostly in the public cloud. Respondents say the cloud or hybrid cloud systems have significantly improved collaboration, business agility, and flexibility. The cloud also enhanced their ability to manage, analyze, act, and share data to empower employees and creating a better user experience.

While the benefits continue to expand across business lines, companies often underestimate the impact of a hybrid cloud model on an organization. Using a hybrid cloud can create these three challenges for IT organizations:

Maintaining control of the entire IT process. For those surveyed in the Harvard study, the types of systems and services most likely to reside in the cloud include email and communication tools, followed by billing and invoicing, BI, payroll, customer service, and project management. While all of these systems make good business sense, I’ve heard endless stories about employees going online and charging thousands of dollars for a variety of cloud-based services without authorization. So in the quest to simplify cloud application development, mixing cloud services can often make things somewhat more complex for IT. And organizations just can’t afford to lose control of their IT, especially in highly regulated industries.

IT organizations must ensure a proper system of checks and balances to control, approve and regulate cloud services before they are purchased and deployed. This level of control is needed to properly plan, budget and scale resources, secure services, and meet regulatory requirements. Organizations also need to implement policies around their service catalogue systems to track what they do and when they can offer access. For instance, for developers working on new applications, IT should enforce policies on when they are allowed to spin up databases, or ensure that running backup services in the cloud are only available and allowed on the weekends.

Security. As companies migrate to a hybrid cloud, security should and always be a top concern. When organizations integrate on-premise and cloud security, they often produce disparate systems with different sets of credentials. Organizations are more vulnerable to hacking when managing and merging these two sets of security parameters. Even with all of the ransomware scares in the news, some companies still don’t have adequate on-premise security, such as malware detection or controls around access to the systems. This obviously creates unnecessary vulnerabilities.

I always advise companies to use two-factor authentication. In fact, they should always use three properties to access a system with: something they know (a password), something they are (such as a code sent to a device), something they have access to (a smart card or key).

Seamless, transparent access to the network. As a devoted Star Trek fan, I equate seamless access on a network to when Captain Kirk says, “Hello Computer” on the Enterprise. He doesn’t know or care where the computer is, if it’s on the enterprise, on another planet or a Vulcan computer. He only cares about the end result. People care about getting services quickly and seamlessly. One of the biggest challenges we see is in doing just that - getting people seamless, transparent access to everything on the network on premise or off-premise.

Companies must adapt their operational management platforms to manage everything on-premises and off-premises, whether they are working in Oracle, RDS or another database. In a heterogeneous IT environment, it’s important to not only track on- and off- premises resources and application performance within your current cloud management platform, but to unify them for comprehensive visibility. Advanced hybrid cloud management technologies, like VMware vRealize aggregate data from both virtualized and cloud-based infrastructures, databases and applications, so you can monitor what’s going on and analyze technologies from multiple vendors inside your preferred IT operations, cloud management or application performance management platform.

It has been interesting to watch the cloud computing industry evolve. More and more companies will embrace the cloud as prices drop, open standards are put in place, and new technologies like containers and APIs make the cloud applications easier to develop and use. It’s still important to remember that IT must play a very important and strategic role in controlling processes, security and access for the entire organization to ensure that voyage is successful.


This article was originally posted “Creating A Better Cloud” from Cloud Strategy Magazine.