10 Cloud Deficiencies You Should Know
(This article was originally published on The New Stack)
Ever played the business game “pre-mortem”? It works like this. Before you start a new project or initiative, you imagine a huge failure can be traced back to this very moment. It’s 1, 5, or even 10 years in the future and you’re doing a post-mortem. You ask yourself, “What went wrong?” The answers are meant to help you plan better from Day 1 to avoid mistakes, and prepare yourself for likely pitfalls and challenges.
While the cloud has transformed the way that developers and engineers build products, allowing for faster delivery, more flexibility and the simple ability to scale, that doesn’t mean it comes without flaws. Consider this article your pre-mortem checklist for the cloud – a list of 10 common problems that organizations find when they create a cloud roadmap. Knowing them ahead of time can help you put the right processes and technologies in place to ensure your project soars rather than sinks.
The first, and probably the biggest one on our list – your expenses can easily spiral in the cloud. While it’s true that you’re paying for just what you need, developers often over-provision resources to accommodate future scale. As business agility and continuity are essential, costs are usually a lower priority when the new release is needed ASAP. Automation can help here, allowing you to intelligently scale up and down as necessary, or shut down idle resources when they aren’t in use.
Most cloud security issues come from a misunderstanding of the shared responsibility model. Simply put, while your cloud vendor is responsible for the security of the cloud – you’re responsible for security in the cloud, which includes user access, networking, applications and data.
On-premises concepts such as least privilege and perimeter firewalls don’t mean much when it comes to the cloud, so you’ll need security that manages East-West traffic inside the network, and a cloud-focused approach that keeps crown-jewel assets and data secure.
Consider the compliance mandates which are essential to your organization, whether that’s HIPAA, PCI-DSS, GDPR, FIPS or any other. Especially if you use a multicloud approach, it can be tough to gain visibility into the way traffic moves around your data center – and many organizations make the mistake of thinking that compliance is in the cloud vendor’s court.
88% of IT decision makers say that compliance is a roadblock to further cloud adoption. So it’s time to get familiar with cloud-native compliance tools like AWS Audit Manager and Artifact, or Azure Policy, which can help you set guardrails and avoid misconfigurations or blind spots.
What happens if your cloud environment goes down, due to challenges outside of your control? If your answer is “Eek – I don’t want to think about that!” you’re not prepared enough. Disaster preparedness plans can include running your workload across multiple Availability Zones or regions, or even in a multicloud environment. Make sure you have stakeholders (and backup stakeholders) assigned to any manual tasks, such as switching to backup instances or relaunching from a system restore point. Remember, don’t wait until you’re faced with a worst-case scenario to test your response – set up drills and trial runs to make sure your ducks are quacking in a row.
One thing you might not imagine the cloud being is… boring. Without cloud automation, there are a lot of manual and tedious tasks to complete, and if you have one hundred VMs, they’ll require constant monitoring, configuration and management one hundred times over. You’ll need to think about configuring VMs according to your business requirements, setting up virtual networks, adjusting for scale and even managing availability and performance. On an ongoing basis, many IT departments forget or skip manual tasks such as backing up systems, removing idle resources, or establishing version control. Even if these tasks are completed manually, you’re opening yourself up to risk through human error.
No one moves to the cloud to make their lives simpler, but the amount of complexity can be a shock to many organizations. There are fewer common services than you find on-premises, and the sheer number of workloads, platforms, databases, storage systems, and governance and security tools can become a headache – fast. Now multiply that by the number of clouds you’re using and remember that DevOps teams are often told they can do whatever they want to ensure speed. It’s no wonder environments are becoming a spaghetti junction. What can you do? Start with visibility, and enforce rules such as no shadow IT or only native cloud tools unless otherwise approved.
How liable is your business if you suffer a data breach? A lot depends on how prepared you were to begin with. For example, when it comes to GDPR, have you established roles such as Data Controller and Data Processor to narrow down liability? Have you created terms or an SLA for your users that explains how their data is protected on the cloud, and the limits of your liability in case of a breach? Remember, your cloud provider isn’t responsible for the privacy of your data, so you’re on your own for making sure your legal i’s and t’s are dotted and crossed.
Internal governance is sometimes forgotten in the race to stay externally compliant with ever-changing regulations. However, your internal governance is just as likely to protect you from a data breach or a cloud security incident. Think about how you’re going to control Identity and Access Management, including RBAC (Role-based Access Control) and credential management, not only for your employees and customers, but also for your wider supply chain. Also, psst – don’t forget a thorough offboarding process!
9. Vendor lock-in
Many of the challenges involve complexity and the lack of visibility, and so many businesses look to limit this by going ‘all in’ with a single cloud vendor. Make sure to balance the risks of sticking with a single cloud against the benefits, as you don’t want to feel stuck with a single provider, forced to accept rising costs or a limited feature set as your business grows. Ask your provider at the earliest stages questions such as “What is the process for switching vendors?”, “How will you help us migrate data or with deconversion where necessary?” and “What are your termination clauses, and how much notice do we need to provide to make a change?”
10. Skills gaps
Forbes calls it the Cloud Talent Drought – and 86% of organizations believe it’s slowing down cloud projects. While you might have the talent you need today, we’re in the midst of a Great Resignation and you can’t guarantee you’ll keep employees on board for the long term. Ask yourself, which people are you relying on right now and what would happen if their two weeks’ notice hit your desk tomorrow morning? One sure-fire way to protect yourself from this one is with technology. Know who never quits for a higher salary or a package that includes a snazzy company car? First name A, last name I.
Understanding cloud deficiencies helps you start your cloud journey strong
“What’s the worst that could happen?” This question might feel defeatist when you’re excitedly forging ahead with a new cloud strategy, but it’s actually a smart way to approach change management in your business. Recognizing the top 10 problems that other businesses face on the cloud puts you in an awesome position to sidestep the landmines and prepare ahead of time with the technology, the processes and, essentially, the mindset you need for success.