Cloud control: 4 steps to find your company's IT balance
The idea that all workloads are moving to the cloud overnight—and your company’s IT department had better follow suit—is a notion that has gained momentum over the past few years.
But while cloud computing continues to be at the center of attention within IT departments, the reality is the world of IT tends to move deliberately and carefully, and migrating legacy systems to the cloud is a complex task. Almost every company is going to need to adopt some sort of hybrid model on its cloud journey, according to Ken Won, director of cloud products and solutions marketing at Hewlett Packard Enterprise.
How can you assess what is best for your company’s IT balance? To help you, we have gathered the most important questions you should ask, according to IT research and advisory company 451 Research.
The report “Best Practices for Workload Placement in a Hybrid IT Environment” details a deep investigation 451 Research conducted into the elements companies have to account for when adjusting their IT balance, including cost, business conditions, security, and regulation. Here’s an examination of each one.
Of the organizations polled by 451 Research in 2016, 61 percent anticipated spending less on hardware because they are shifting from traditional IT to on-premises clouds. The areas on which they expect to reduce spending are servers, storage, and networking.
If you’re thinking of comparing private and public cloud, the value of the public cloud is easy to figure out, according to Andy DeBernardis, who is part of HPE’s Worldwide Cloud Solutions Marketing team. “There are tools online that can help you do so,” he says. These tools for determining total cost of ownership (TOC) include the AWS TCO calculator, the Google Cloud Platform TCO Pricing Calculator, and the VMware TCO Comparison Calculator. “Determining cost for the private cloud requires many more factors to be considered,” he adds, and there are fewer TCO tools out there that figure in all of them.
But how much will your company actually use its on-premises private servers? More utilization might result in more spending on server virtualization, but such increases are likely to be offset by the hardware savings. Your action in terms of the cost of private cloud must encompass how much cloud know-how you have within your company, the number of virtual machines an administrator can oversee, and what kind of high-level buy-in you have for private virtualization.
If you lack expertise and time for administration, you may wish to rely less on a private cloud.
Another aspect to consider is how much your company runs largely on traditional IT. It will prove difficult to eat those investments and just dump your IT capacity to the cloud, says Rich Mogull, CEO of security research and advisory firm Securosis.
Workloads already running in non-cloud infrastructure can sometimes incur large costs when they are moved to the cloud—from employee hours devoted to preparing and modernizing data to move it from one language environment to another, to hiring consultants to oversee the move, to the most expensive outlay: servers. If you go with the public cloud, you will need to find a provider whose costs are affordable. If you want to create your own private cloud, the cost of servers on which to run it is not inconsequential. Additionally, you may be dealing with workloads that were deployed years or even decades earlier, which means plowing through lots of old documentation.
You'll need to do a TCO assessment of the various IT options, factoring in both Capex (total capital costs) and Opex (total operating expenditures), as well as training and personnel considerations. TCO calculators and other IT deployment tools can help you make this decision. However, “the efficacy of such tools depends greatly on organizations’ ability to identify and measure IT usage,” according to 451 Research.
2. Business conditions
If you need the ability to respond quickly to changing business conditions, the question to ask is what IT configuration will allow you to shift directions most quickly: your current traditional IT setup, on-premises private cloud, or a public cloud model?
In nearly every one of the 16 different workloads 451 Research studied, the top reason cited by company leaders for deploying to the cloud was to “respond faster to business needs.”
However, respondents frequently cited the desire to respond more quickly to shifting business circumstances as a reason for deploying workloads to non-cloud environments.
Your approach depends on your industry, according to HPE’s DeBernardis.
In large, stable industries such as manufacturing and utilities, where agility is generally not a priority, organizations are more likely to use a private architecture for any cloud needs, while faster growth industries, where agility is clearly a dominant factor, may opt for public cloud solutions.
Before you make the decision to change your IT mix to include more cloud, you need to determine the business value of accelerating time to market. If acceleration isn't important to your company, it may not be a major factor in balancing your IT.
No one who has labored in—or with—the public cloud in the past decade would be surprised at the ferocity of the war waged between cloud providers and hackers. Large, damaging intrusions have happened to the public cloud with alarming frequency, so the association of “cloud” with “security” is not guaranteed.
Without question, the relatively large number of security specialists laboring at the major public cloud providers, along with the exposure to and experience with the global threat environment these providers have, should make for a highly secure cloud environment. Even the largest enterprises can't match this aggregate skill set and knowledge base.
But given the fact that public cloud services are a gigantic security target, workloads involving highly sensitive data might be better deployed to on-premises environments, whether cloud or non-cloud.
This, in a way, is the easiest assessment to make for a company, with one exception: It is essential to separate “important” from “sensitive.” You will be hard-pressed to find an employee at your company who doesn’t believe the data they produce is important. But just because information is important does not mean it is a security risk. In our personal lives, we tend, if we’re capable, to put such items as jewelry, birth certificates, and mortgage papers in safe deposit boxes. But we toss our car keys in a dish near our front door. A car is not less important than a birth certificate, but it is less sensitive.
4. Regulation and compliance
If your company belongs to a highly regulated industry, the public cloud may prove a rough row to hoe.
Take healthcare, for example. While the HIPAA privacy law does not explicitly state what kinds of data may or may not be hosted on different cloud types, it does set out enormous financial penalties in the event that access and integrity of personal health information has been insufficiently protected. Running HIPAA-compliant data on the public cloud is so complex an undertaking that an entire cottage industry has sprung up based on helping healthcare organizations build "HIPAA-compliant clouds."
Many healthcare companies choose instead to use non-cloud environments for their most sensitive workloads. IT leaders in all highly regulated sectors—finance, government, and education—should proceed with care when it comes to deploying workloads in cloud environments, cautions 451 Research, particularly in public clouds. Some of the most regulated industries are also some of the most breached.
On-premises private cloud as well as traditional non-cloud IT might be better options for workload deployment in such cases.
Hybrid IT balance: Lessons for leaders
- Finding your IT balance is not a zero-sum game; you don’t have to choose legacy IT, public cloud, or private cloud. You can mix those options based on your workloads.
- Every element of your balance equation should be subjected to a cost-benefit analysis.
- You’ll find your ideal IT balance in the interplay between your primary business considerations. Before making a change, evaluate cost, security, agility, and compliance as a whole.
This article/content was written by the individual writer identified and does not necessarily reflect the view of Hewlett Packard Enterprise Company.