Common Cloud Migration Errors and Trends
A Q&A with David Linthicum
David Linthicum is an Analyst for Gigaom Research and a consultant with Cloud Technology Partners. He is the author and coauthor of 13 books on computing, including the best-selling “Enterprise Application Integration.” His latest book is “Cloud Computing and SOA Convergence in Your Enterprise, a Step-by-Step Approach.”
StrataCloud: Recently, you wrote about common cloud migration errors, citing choosing the wrong platform as one of them. Any tips for companies as to how to make the right decision in platform and model?
Linthicum: This always comes down to the core requirements. There should be an overall cloud strategy at the enterprise which outlines the business benefits and use cases for making that happen. Companies have to factor in their business processes and how they store data and other IT requirements. The business leads to the requirements, which leads to the architecture which leads to the type of cloud model that you choose.
StrataCloud: What are the barriers for an organization to reach that decision?
Linthicum: Barriers for decisions are people. It’s weird to them, it’s new stuff, and it’s scary. Change is an impediment. But there’s also an unwillingness to spend money. Companies want to move to the cloud but they want it to be a zero-sum game. You have to get resources in place, and get the technology in place and hire the people before you can get to the cost savings. It takes resources to get to the agility and other business benefits. Companies that think they can spend no money or less money when they move to the cloud are not living in reality. Sometimes, the vendors contribute to this problem and tell them it’s going to be cheap.
StrataCloud: Are you seeing any trends on private versus public clouds?
Linthicum: We are seeing that companies are opting for public cloud across industries and that is where the growth is. Public cloud didn’t used to have the monitoring, governance and security features for the enterprise, but the providers have fixed those issues now and in many ways, it’s better than on-premise environments. There hasn’t been Armageddon with public cloud data being stolen. The big breach events in the press have involved on-premise environments. The public cloud is also the path of least costs and more efficiencies and enterprises are seeing that their peers are adopting public cloud.
StrataCloud: Security is still a much debated question in the cloud. What’s your opinion on the state of security features among the top public cloud providers today, compared with private cloud or hybrid cloud environments?
Linthicum: Most on-premise systems are less secure. Anthem, Sony and Home Depot are traditional environments that got hacked. In the cloud, we can almost over-engineer security. Two-factor authentication, federated identity management—these are systemic to the cloud environments that I work on and you just don’t see those systems in traditional enterprises. Too often it’s an environment where you have the basic user ID, passwords and no encryption. Now, I am not saying store CIA data in the public cloud and in some instances you can’t store data outside of the firewall because of some legal issue. There are some odd laws in Europe for keeping certain data sets in country. But a lot of verticals like healthcare and financial services that used to be stringent about where they can store data have now added cloud to their ability to be compliant. If it’s going to keep you up at night, then don’t put in the cloud. But if you’re looking to push the cloud out because of security, there’s really no facts to support that.
StrataCloud: Cloud management and orchestration tools seem to be everywhere right now. How can companies navigate the solutions and how would you define the market?
Linthicum: This industry is maturing a ton, and going in a lot of different directions. Some tools are more broker-oriented, others are more DevOps oriented and then there are tools that focus on multi-cloud resource provisioning and management. There are no common patterns to the vendors in the briefings I sit in on. That in turn causes confusion and people put off buying decisions. Everyone has their own approach and those are vastly different. However the basic patterns are to provide a layer of abstraction behind public and private cloud resources, to manage resources through a single plane of glass, automate management, link to development environments and to broker cloud services. Enterprises will end up with two or three tools to solve all the problems in management, security and governance. There is not a best tool on the market. I would say there are 10 best ones, and picking one depends upon your requirements.
StrataCloud: Is the concept of “unified management infrastructure” resonating with CIOs and CTOs as a way to help manage risk and performance with cloud applications?
Linthicum: Yes it is resonating. Most of the multi-cloud management platforms do that. StrataCloud is part of a group of technology that companies will consider for performance monitoring, rightsizing, brokering and provisioning, syncing with DevOps teams. If you are a financial company where sub-second response time is your business, this kind of technology is something you’ll want to take a look at.
StrataCloud: Beyond technology, what are some staffing and organizational considerations that companies seem to be overlooking when moving to hybrid clouds and public clouds?
Linthicum: It’s hard for companies to find people to give them the right advice as to how to do this and it’s a complex problem. Cloud platforms are all very different. It’s also tough to find the right skill sets so IT organizations are trying to retrofit their own people. It’s an epidemic right now. Many organizations underestimate the complexity and think that cloud is simpler than it actually is. So the skills shortage is killing the industry initially and there are not enough people coming out of college with the right kind of skills either. Those who do have the skills go to consulting firms. Beyond skills, the mindset change is huge, and it’s something that we run into all the time. It’s a tough thing to move away from the waterfall approach, the traditional approach where you have a lot of planning meetings. Now we need to build software at the speed of need. DevOps and Agile are overused concepts but it’s about trying to break down the silos. Organizations want to take six months to do something that should now take six days in the cloud. There’s pushback though, because in traditional organizations there’s not a premium on speed. There may be people lower in the organization who really want change, but you’ve got to have someone at the top with influence and who holds the purse strings.